Hi,
Yesterday I was going over some consultancy and went to check some
syntax for CREATE FUNCTION, particularly related to SECURITY DEFINER part.
Reading there I saw a paragraph which had a sentence that wasn't very
clear at first.
The patch's description gives a better idea on the change, and how I got
there, and I believe it gives better meaning to the sentence in question.
I applied the same change on another part which had the same phrase.
Cheers,
--
Martín Marqués http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
>From fbf6b9f6df20d38b5f16c6af94424042b41d7fad Mon Sep 17 00:00:00 2001
From: Martin <mar...@2ndquadrant.com>
Date: Tue, 10 May 2016 21:31:24 -0300
Subject: [PATCH] While reading the CREATE FUNCTION reference docs for some
reference on SECURITY DEFINER usage I ran on this phrase:
Particularly important in this regard is the temporary-table schema,
which is searched first by default, and is normally writeable by anyone.
A secure arrangement can be had by forcing the temporary schema to be
searched last.
The last sentence there was not clear at first. I feel that the word
*obtained* instead of *had* gives a more clear understanding.
I found a similar phase in the PL/PgSQL documentation as well, and
so applied the same fix.
---
doc/src/sgml/plpgsql.sgml | 2 +-
doc/src/sgml/ref/create_function.sgml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/src/sgml/plpgsql.sgml b/doc/src/sgml/plpgsql.sgml
index a27bbc5..4ecd9e3 100644
--- a/doc/src/sgml/plpgsql.sgml
+++ b/doc/src/sgml/plpgsql.sgml
@@ -528,7 +528,7 @@ $$ LANGUAGE plpgsql;
</para>
<para>
- The same effect can be had by declaring one or more output parameters as
+ The same effect can be obtained by declaring one or more output parameters as
polymorphic types. In this case the
special <literal>$0</literal> parameter is not used; the output
parameters themselves serve the same purpose. For example:
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index bd11d2b..583cdf5 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -715,7 +715,7 @@ SELECT * FROM dup(42);
malicious users from creating objects that mask objects used by the
function. Particularly important in this regard is the
temporary-table schema, which is searched first by default, and
- is normally writable by anyone. A secure arrangement can be had
+ is normally writable by anyone. A secure arrangement can be obtained
by forcing the temporary schema to be searched last. To do this,
write <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing functions</></> as the last entry in <varname>search_path</>.
This function illustrates safe usage:
--
2.5.5
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
