On Wed, Feb 5, 2020 at 8:27 PM Masahiko Sawada <masahiko.saw...@2ndquadrant.com> wrote:
> User can create database objects such as functions into pg_catalog.
> But if I'm not missing something, currently there is no
> straightforward way to identify if the object is a user created object
> or a system object which is created during initdb. If we can do that
> user will be able to check if malicious functions are not created in
> the database, which is important from the security perspective.
>
> I've attached PoC patch to introduce a SQL function
> pg_is_user_object() that returns true if the given oid is user object
> oid, that is greater than or equal to FirstNormalObjectId. Feedback is
> very welcome.

+1.

About the implementation, how about defining a static inline function, say is_user_object(), next to FirstNormalObjectId's definition and make pg_is_user_object() call it? There are a few places in the backend code that perform the same computation as pg_is_user_object(), which could be changed to use is_user_object() instead.

Thanks,
Amit
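
An audit query built on the OID comparison discussed in this thread, added here as an example and not part of the thread or the PoC patch. It hard-codes 16384 as the value of FirstNormalObjectId (an assumption taken from PostgreSQL's src/include/access/transam.h, not from this thread) and goes beyond functions to relations and types; the extension column separates objects installed by an extension from ones created by hand.

```sql
-- Added example: list objects in pg_catalog that were not created by initdb.
-- Assumption: FirstNormalObjectId = 16384 (src/include/access/transam.h).
-- With the proposed patch, "objid >= 16384" could become pg_is_user_object(objid).
WITH candidates AS (
    SELECT 'pg_catalog.pg_proc'::regclass AS classid,
           p.oid                          AS objid,
           'function'                     AS kind,
           p.oid::regprocedure::text      AS object,
           pg_get_userbyid(p.proowner)    AS owner
    FROM pg_catalog.pg_proc p
    WHERE p.pronamespace = 'pg_catalog'::regnamespace
  UNION ALL
    SELECT 'pg_catalog.pg_class'::regclass,
           c.oid,
           'relation',
           c.oid::regclass::text,
           pg_get_userbyid(c.relowner)
    FROM pg_catalog.pg_class c
    WHERE c.relnamespace = 'pg_catalog'::regnamespace
  UNION ALL
    SELECT 'pg_catalog.pg_type'::regclass,
           t.oid,
           'type',
           t.oid::regtype::text,
           pg_get_userbyid(t.typowner)
    FROM pg_catalog.pg_type t
    WHERE t.typnamespace = 'pg_catalog'::regnamespace
)
SELECT c.kind,
       c.objid,
       c.object,
       c.owner,
       e.extname AS extension      -- NULL: not a member of any extension
FROM candidates c
LEFT JOIN pg_catalog.pg_depend d
       ON d.classid    = c.classid
      AND d.objid      = c.objid
      AND d.refclassid = 'pg_catalog.pg_extension'::regclass
      AND d.deptype    = 'e'
LEFT JOIN pg_catalog.pg_extension e ON e.oid = d.refobjid
WHERE c.objid >= 16384
ORDER BY c.kind, c.objid;
```

Rows with a NULL extension and an unexpected owner are the ones to review first; an empty result means every function, relation and type in pg_catalog has an OID below the threshold.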