Обсуждение: pgsql: Document security implications of qualified names.

Поиск
Список
Период
Сортировка

pgsql: Document security implications of qualified names.

От
Noah Misch
Дата:
Document security implications of qualified names.

Commit 5770172cb0c9df9e6ce27c507b449557e5b45124 documented secure schema
usage, and that advice suffices for using unqualified names securely.
Document, in typeconv-func primarily, the additional issues that arise
with qualified names.  Back-patch to 9.3 (all supported versions).

Reviewed by Jonathan S. Katz.

Discussion: https://postgr.es/m/20180721012446.GA1840594@rfd.leadboat.com

Branch
------
REL9_4_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/8c477a42eb9bdb91e7361645c3c343578000cb4a

Modified Files
--------------
doc/src/sgml/ddl.sgml                 |  15 +++--
doc/src/sgml/ref/create_function.sgml |  14 +++--
doc/src/sgml/syntax.sgml              |   8 +++
doc/src/sgml/typeconv.sgml            | 103 ++++++++++++++++++++++++++++++++--
doc/src/sgml/xfunc.sgml               |  25 ++++++---
src/backend/utils/adt/ruleutils.c     |  15 ++---
6 files changed, 147 insertions(+), 33 deletions(-)