Re: Fixing insecure security definer functions

From Stephen Frost
Subject Re: Fixing insecure security definer functions
Date
Msg-id 20070329181050.GZ31937@tamriel.snowman.net
In response to Re: Fixing insecure security definer functions  ("Merlin Moncure" <mmoncure@gmail.com>)
Responses Re: Fixing insecure security definer functions  ("Merlin Moncure" <mmoncure@gmail.com>)
Re: Fixing insecure security definer functions  (Tom Lane <tgl@sss.pgh.pa.us>)
Re: Fixing insecure security definer functions  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-hackers
* Merlin Moncure (mmoncure@gmail.com) wrote:
> fwiw, I think this is a great solution...because the default behavior
> is preserved you get through without any extra guc settings (although
> you may want to add one anyways).

I agree that the proposed solution looks good.

> maybe security definer functions should raise a warning for implicit
> PATH NONE, and possibly even deprecate that behavior and force people
> to type it out in future (8.4+) releases.

While I agree that raising a warning makes sense I don't believe it
should be forced.  There may be cases where, even in security definer
functions, the current search_path should be used (though, of course,
care must be taken in writing such functions).

Thanks,
    Stephen
