From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Merlin Moncure <mmoncure(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Fixing insecure security definer functions |
Date: | 2007-03-29 18:19:38 |
Message-ID: | 26354.1175192378@sss.pgh.pa.us |
Lists: | pgsql-hackers |

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Merlin Moncure (mmoncure(at)gmail(dot)com) wrote:
>> maybe security definer functions should raise a warning for implicit
>> PATH NONE, and possibly even deprecate that behavior and force people
>> to type it out in future (8.4+) releases.
> While I agree that raising a warning makes sense I don't believe it
> should be forced.

A WARNING seems reasonable to me too. I'd just do it on the combination
of SECURITY DEFINER with PATH NONE, regardless of how you typed it
exactly. ALTERing a function into that configuration should draw the
same warning.

regards, tom lane