Re: POC for a function trust mechanism
От | Nico Williams |
---|---|
Тема | Re: POC for a function trust mechanism |
Дата | |
Msg-id | 20180809195656.GC5695@localhost обсуждение исходный текст |
Ответ на | POC for a function trust mechanism (Tom Lane <tgl@sss.pgh.pa.us>) |
Список | pgsql-hackers |
On Wed, Aug 08, 2018 at 01:15:38PM -0400, Tom Lane wrote: > This is sort of a counter-proposal to Noah's discussion of search path > security checking in <20180805080441.GH1688868@rfd.leadboat.com>. > (There's no technical reason we couldn't do both things, but I think > this'd be more useful to most people.) So, this is why I always fully-qualify all references to functions, tables, etc. I also always set a search_path on each function just in case I accidentally leave a non-fully-qualified symbol. I would like to have a way to request that all non-fully-qualified symbols be resolved at function create/replace time and that the resolution results be made permanent for the function. If I have several schemas in a search_path at function definition time, this would not allow me to move dependencies around without replacing the dependents -- that's OK for me. Nico --
В списке pgsql-hackers по дате отправления: