"Tom Lane" <[EMAIL PROTECTED]> writes: > Gregory Stark <[EMAIL PROTECTED]> writes: >> I think security definer functions should automatically inherit their >> search_path. The whole "secure by default" thing. > > This assumes that the search path at creation time has something to do > with the path you'd like to use at execution, which is unlikely to be > the case in existing pg_dump output, to name one example. I don't > really want to get into doing the above.
pg_dump will have to do a ALTER FUNCTION SET command anyways, no? So the default search_path that gets saved doesn't really matter. In general if it's not the search path you want at run-time you just have to change it, but you should always have *something* set or else it's a wide open security hole. I'm not clear why the search path at creation time is such a bad choice anyways, it is security "definer", what's the difference between taking the userid from the defining environment and taking the search path from the defining environment? -- Gregory Stark EnterpriseDB http://www.enterprisedb.com ---------------------------(end of broadcast)--------------------------- TIP 4: Have you searched our list archives? http://archives.postgresql.org
