On Thu, Jul 11, 2019 at 2:29 PM Dave Cramer <p...@fastcrypt.com> wrote: > So if I understand this correctly if user bob has altered his search path and > there is a security-definer function called owned by him then > the search path will be changed for the duration of the function and reported > for every iteration? The implications of this are "interesting" to say the > least.
I don't believe that it matters what search path has been set using ALTER USER bob. But it does matter whether there is a SET function attached to the function definition. If you're not familiar with this, reread the CREATE FUNCTION docs... it's a cool feature. And of course the function could also have an explicit SET inside of it, or several of them. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
