Log Message:
-----------
Support explicit placement of the temporary-table schema within search_path.
This is needed to allow a security-definer function to set a truly secure
value of search_path. Without it, a malicious user can use temporary objects
to execute code with the privileges of the security-definer function. Even
pushing the temp schema to the back of the search path is not quite good
enough, because a function or operator at the back of the path might still
capture control from one nearer the front due to having a more exact datatype
match. Hence, disable searching the temp schema altogether for functions and
operators.
Security: CVE-2007-2138
Modified Files:
--------------
pgsql/doc/src/sgml/ref:
create_function.sgml (r1.73 -> r1.74)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/ref/create_function.sgml.diff?r1=1.73&r2=1.74)
pgsql/doc/src/sgml:
release.sgml (r1.500 -> r1.501)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/release.sgml.diff?r1=1.500&r2=1.501)
config.sgml (r1.121 -> r1.122)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/config.sgml.diff?r1=1.121&r2=1.122)
pgsql/src/backend/catalog:
aclchk.c (r1.138 -> r1.139)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/aclchk.c.diff?r1=1.138&r2=1.139)
namespace.c (r1.95 -> r1.96)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.95&r2=1.96)
pgsql/src/test/regress/expected:
temp.out (r1.12 -> r1.13)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.12&r2=1.13)
pgsql/src/test/regress/sql:
temp.sql (r1.7 -> r1.8)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.7&r2=1.8)
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
