projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9350056) | patch
Support explicit placement of the temporary-table schema within search_path.
authorTom Lane <tgl@sss.pgh.pa.us>
Fri, 20 Apr 2007 02:37:38 +0000 (02:37 +0000)
committerTom Lane <tgl@sss.pgh.pa.us>
Fri, 20 Apr 2007 02:37:38 +0000 (02:37 +0000)
commitaa27977fe21a7dfa4da4376ad66ae37cb8f0d0b5
treee2a82ea962c8d98ced947ef17a7dd21ca1ff8b38tree
parent9350056eaa26ff404e935923fcbb75efa5c23288commit | diff
Support explicit placement of the temporary-table schema within search_path.
This is needed to allow a security-definer function to set a truly secure
value of search_path.  Without it, a malicious user can use temporary objects
to execute code with the privileges of the security-definer function.  Even
pushing the temp schema to the back of the search path is not quite good
enough, because a function or operator at the back of the path might still
capture control from one nearer the front due to having a more exact datatype
match.  Hence, disable searching the temp schema altogether for functions and
operators.

Security: CVE-2007-2138
doc/src/sgml/config.sgml diff | blob | blame | history
doc/src/sgml/ref/create_function.sgml diff | blob | blame | history
doc/src/sgml/release.sgml diff | blob | blame | history
src/backend/catalog/aclchk.c diff | blob | blame | history
src/backend/catalog/namespace.c diff | blob | blame | history
src/test/regress/expected/temp.out diff | blob | blame | history
src/test/regress/sql/temp.sql diff | blob | blame | history
This is the main PostgreSQL git repository.