From 0083856e013410686ba187a7a9ad7133471ee50b Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Thu, 6 Mar 2008 17:19:38 +0000 Subject: [PATCH] Add: > * Prevent malicious functions from being executed with the permissions > of unsuspecting users > > Index functions are safe, so VACUUM and ANALYZE are safe too. > Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable. > http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php --- doc/TODO | 22 ++++++++++++++++------ doc/src/FAQ/TODO.html | 11 ++++++++--- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/doc/TODO b/doc/TODO index 0bd45d2a7fb..1b075cca311 100644 --- a/doc/TODO +++ b/doc/TODO @@ -1,7 +1,7 @@ PostgreSQL TODO List ==================== Current maintainer: Bruce Momjian (bruce@momjian.us) -Last updated: Wed Mar 5 22:22:28 EST 2008 +Last updated: Thu Mar 6 12:19:28 EST 2008 The most recent version of this document can be viewed at http://www.postgresql.org/docs/faqs.TODO.html. @@ -151,8 +151,6 @@ Administration http://archives.postgresql.org/pgsql-hackers/2006-12/msg00497.php - - Data Types ========== @@ -307,7 +305,6 @@ Data Types * Allow MONEY to be easily cast to/from other numeric data types - Functions ========= @@ -370,6 +367,12 @@ Functions http://archives.postgresql.org/pgsql-patches/2007-08/msg00012.php +* Prevent malicious functions from being executed with the permissions + of unsuspecting users + + Index functions are safe, so VACUUM and ANALYZE are safe too. + Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable. + http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php Multi-Language Support @@ -412,7 +415,6 @@ Multi-Language Support Currently client_encoding is set in postgresql.conf, which defaults to the server encoding. - http://archives.postgresql.org/pgsql-hackers/2006-08/msg01696.php 
@@ -740,6 +742,7 @@ Referential Integrity http://archives.postgresql.org/pgsql-hackers/2006-09/msg01458.php + Server-Side Languages ===================== @@ -788,6 +791,7 @@ Server-Side Languages http://archives.postgresql.org/pgsql-hackers/2007-05/msg00289.php + Clients ======= @@ -929,6 +933,8 @@ Clients http://archives.postgresql.org/pgsql-hackers/2007-03/msg01803.php + + Triggers ======== @@ -1072,6 +1078,7 @@ Fsync * Add program to test if fsync has a delay compared to non-fsync + Cache Usage =========== @@ -1131,7 +1138,6 @@ Cache Usage - Vacuum ====== @@ -1188,6 +1194,7 @@ Vacuum http://archives.postgresql.org/pgsql-general/2007-06/msg01645.php + Locking ======= @@ -1220,6 +1227,7 @@ Locking + Startup Time Improvements ========================= @@ -1232,6 +1240,7 @@ Startup Time Improvements a single session using multiple threads to execute a statement faster. + Write-Ahead Log =============== @@ -1388,6 +1397,7 @@ Miscellaneous Performance concurrent reads from multiple devices in a partitioned table. + Source Code =========== diff --git a/doc/src/FAQ/TODO.html b/doc/src/FAQ/TODO.html index 936b68968a4..c1a90974eb7 100644 --- a/doc/src/FAQ/TODO.html +++ b/doc/src/FAQ/TODO.html @@ -8,7 +8,7 @@

PostgreSQL TODO List

Current maintainer: Bruce Momjian (bruce@momjian.us)
-Last updated: Wed Mar 5 22:22:28 EST 2008 +Last updated: Thu Mar 6 12:19:28 EST 2008

The most recent version of this document can be viewed at
http://www.postgresql.org/docs/faqs.TODO.html. @@ -330,6 +330,12 @@ first. There is also a developer's wiki at

  • Implement Boyer-Moore searching in strpos()

    http://archives.postgresql.org/pgsql-patches/2007-08/msg00012.php +

    +
  • Prevent malicious functions from being executed with the permissions + of unsuspecting users +

    Index functions are safe, so VACUUM and ANALYZE are safe too. + Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable. + http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php

  • Multi-Language Support

    @@ -367,8 +373,7 @@ first. There is also a developer's wiki at
  • Set client encoding based on the client operating system encoding

    Currently client_encoding is set in postgresql.conf, which defaults to the server encoding. -

    -

    http://archives.postgresql.org/pgsql-hackers/2006-08/msg01696.php + http://archives.postgresql.org/pgsql-hackers/2006-08/msg01696.php

  • Views / Rules

    -- 2.39.5
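Review bot: In the doc/TODO hunk under "Functions" (@@ -370,6 +367,12 @@), and in its mirror in doc/src/FAQ/TODO.html (@@ -330,6 +330,12 @@), the new item names the problem only as "malicious functions ... executed with the permissions of unsuspecting users" and never says how the user comes to run them. The entry already lists the remaining paths (triggers, CHECK and DEFAULT expressions, and rules), so one added sentence connecting those paths to a user's ordinary statement on someone else's table would make the item readable without following the pgsql-hackers link. It would also help to say on what basis index functions are considered safe, since the VACUUM and ANALYZE conclusion depends on it.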
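Review bot: The doc/TODO hunks at @@ -151,8 +151,6 @@, @@ -307,7 +305,6 @@ and @@ -740,6 +742,7 @@ through @@ -1388,6 +1397,7 @@ only add or remove blank lines around section headings (Data Types, Server-Side Languages, Clients, Triggers, Cache Usage, Vacuum, Locking and others) and have nothing to do with the item named in the subject. They account for a large share of the "24 insertions(+), 9 deletions(-)" and make the one substantive change harder to find in history. Either split the spacing cleanup into its own commit or mention it in the commit message.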
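Review bot: The "Set client encoding based on the client operating system encoding" entry is touched in both files (doc/TODO @@ -412,7 +415,6 @@ and doc/src/FAQ/TODO.html @@ -367,8 +373,7 @@): the separator before http://archives.postgresql.org/pgsql-hackers/2006-08/msg01696.php is removed, so the link now runs directly on from "which defaults to the server encoding." This changes how an unrelated entry renders and the commit message does not mention it. If the intent is to match the layout of the new item, where the URL also follows the text directly, say so in the message; otherwise drop these two hunks from this commit.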