On Thu, 6 Jun 2024 at 12:53, Jeff Davis <pg...@j-davis.com> wrote:
> > I didn't get you completely here. w.r.t extensions how will this have > > an impact if we set the search_path for definer functions. > > If we only set the search path for SECURITY DEFINER functions, I don't > think that solves the whole problem. Indeed. While the ability for a caller to set the search_path for a security definer functions introduces security problems that are different than for security invoker functions, it's still weird for the behaviour of a function to depend on the caller's search_path. It’s even weirder for the default search path behaviour to be different depending on whether or not the function is security definer.
