Albe Laurenz <laurenz.albe@wien.gv.at> writes:
> Tom Lane wrote:
>> I believe the reason for forcing pg_temp to the back of the path is to
>> prevent unqualified table names from being captured by pg_temp entries.
>> This risk exists despite the rule against searching pg_temp for functions
>> or operators. A maliciously named temp table could at least prevent
>> a security definer function from doing what it was supposed to, and
>> could probably hijack control entirely via triggers or rules.
>>
>> Possibly the documentation should be more explicit about why this is
>> being done, but the example code is good as-is.
> Maybe something like the attached would keep people like me from
> misunderstanding this.
I rewrote this a bit and pushed it. Thanks for the suggestion!
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=ce150e7e0fc1a127fee7933d71f4204a79ecce04
regards, tom lane