| From: | Robert Haas <rhaas(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Assorted improvements to SECURITY DEFINER functions documentatio |
| Date: | 2023-01-16 15:57:01 |
| Message-ID: | E1pHRr3-003zTM-72@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Assorted improvements to SECURITY DEFINER functions documentation.
Add a cross-reference from the part of the page that introdues SECURITY
INVOKER and SECURITY DEFINER to the part of the page that talks about
writing SECURITY DEFINER functions safely, so that users are less likely
to miss it.
Remove discussion of the pre-8.3 behavior on the theory that it's
probably not very relevant any more, that release having gone out of
support nearly a decade ago.
Add a mention of the new createrole_self_grant GUC, which in
certain cases might need to be set to a safe value to avoid
unexpected consequences.
Possibly this section needs major surgery rather than just these
small tweaks, but hopefully this is at least a small step
forward.
Discussion: http://postgr.es/m/CA+Tgmoauqd1cHQjsNEoxL5O-kEO4iC9dAPyCudSvmNqPJGmy9g@mail.gmail.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/6fa66ec88ff29f5449d89e9891a00fe64afae34e
Modified Files
--------------
doc/src/sgml/ref/create_function.sgml | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2023-01-16 17:35:23 | pgsql: Tighten up VACUUM's approach to setting VM bits. |
| Previous Message | Robert Haas | 2023-01-16 15:49:34 | Re: pgsql: Add new GUC createrole_self_grant. |