author Tom Lane 2007-04-20 02:38:33 +0000
committer Tom Lane 2007-04-20 02:38:33 +0000
commit 566331a2e983cc6bf00baf11b4cfe9b906a2727d
tree cf277435a37fe183ac46d63eab82800bc9206361 /doc/FAQ_DEV
parent c6f3c246cce15cd87c2ef34508f30a9eb14737db
Support explicit placement of the temporary-table schema within search_path.
This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators.

Security: CVE-2007-2138
Diffstat (limited to 'doc/FAQ_DEV')
0 files changed, 0 insertions, 0 deletions
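
What the commit message describes looks like this from the defender's side: a security-definer function that pins search_path with the temporary schema placed explicitly last, followed by a catalog query that finds definer functions lacking such a pin. This is an added example, not code from this commit or from the PostgreSQL project. The schema admin, the table admin.pwds and the function name are hypothetical, and it assumes a server version that has the per-function SET clause and the pg_temp alias.

```sql
-- Constructed example: schema "admin", table "admin.pwds" and the function
-- name are hypothetical. Assumes a server with the per-function SET clause.
CREATE SCHEMA admin;
CREATE TABLE admin.pwds (username text PRIMARY KEY, pwd text NOT NULL);

CREATE FUNCTION admin.check_password(uname text, pass text)
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
-- Trusted schema first, temp schema named explicitly and last, so a
-- temporary table cannot shadow admin.pwds. If pg_temp were left out of
-- the list, it would be searched first for tables and types.
SET search_path = admin, pg_temp
AS $$
DECLARE
    passed boolean;
BEGIN
    SELECT (pwd = pass) INTO passed
      FROM pwds
     WHERE username = uname;
    RETURN passed;
END;
$$;

-- Audit: list SECURITY DEFINER functions that either pin no search_path
-- at all or pin one that does not end with pg_temp.
WITH definer AS (
    SELECT n.nspname                   AS schema_name,
           p.proname                   AS function_name,
           pg_get_userbyid(p.proowner) AS owner,
           (SELECT c
              FROM unnest(p.proconfig) AS c
             WHERE c LIKE 'search\_path=%'
             LIMIT 1)                  AS pinned_path
      FROM pg_proc p
      JOIN pg_namespace n ON n.oid = p.pronamespace
     WHERE p.prosecdef
)
SELECT schema_name, function_name, owner,
       coalesce(pinned_path, '(not set)') AS pinned_path
  FROM definer
 WHERE pinned_path IS NULL
    OR pinned_path !~ '(=|,)\s*"?pg_temp"?\s*$'
 ORDER BY schema_name, function_name;
```

An empty result from the audit query means every security-definer function in the database pins a search_path ending in pg_temp; each returned row is a function to review.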