Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions

On Tue, 2024-06-11 at 15:24 +0530, Ashutosh Sharma wrote:
> 3) When the ALTER EXTENSION SET SCHEMA command is executed and if the
> function's search_path contains the old schema of the extension, it
> is
> updated with the new schema.

I don't think it's reasonable to search-and-replace within a function's
SET clause at ALTER time.

I believe we need a new special search_path item, like
"$extension_schema", to mean the schema of the extension owning the
function. It would, like "$user", automatically adjust to the current
value when changed.

That sounds like a useful and non-controversial change.

Regards,
    Jeff Davis