Hi, Yesterday I was going over some consultancy and went to check some syntax for CREATE FUNCTION, particularly related to SECURITY DEFINER part.
Reading there I saw a paragraph which had a sentence that wasn't very clear at first. The patch's description gives a better idea on the change, and how I got there, and I believe it gives better meaning to the sentence in question. I applied the same change on another part which had the same phrase. Cheers, -- Martín Marqués http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services
>From fbf6b9f6df20d38b5f16c6af94424042b41d7fad Mon Sep 17 00:00:00 2001 From: Martin <mar...@2ndquadrant.com> Date: Tue, 10 May 2016 21:31:24 -0300 Subject: [PATCH] While reading the CREATE FUNCTION reference docs for some reference on SECURITY DEFINER usage I ran on this phrase: Particularly important in this regard is the temporary-table schema, which is searched first by default, and is normally writeable by anyone. A secure arrangement can be had by forcing the temporary schema to be searched last. The last sentence there was not clear at first. I feel that the word *obtained* instead of *had* gives a more clear understanding. I found a similar phase in the PL/PgSQL documentation as well, and so applied the same fix. --- doc/src/sgml/plpgsql.sgml | 2 +- doc/src/sgml/ref/create_function.sgml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/src/sgml/plpgsql.sgml b/doc/src/sgml/plpgsql.sgml index a27bbc5..4ecd9e3 100644 --- a/doc/src/sgml/plpgsql.sgml +++ b/doc/src/sgml/plpgsql.sgml @@ -528,7 +528,7 @@ $$ LANGUAGE plpgsql; </para> <para> - The same effect can be had by declaring one or more output parameters as + The same effect can be obtained by declaring one or more output parameters as polymorphic types. In this case the special <literal>$0</literal> parameter is not used; the output parameters themselves serve the same purpose. For example: diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml index bd11d2b..583cdf5 100644 --- a/doc/src/sgml/ref/create_function.sgml +++ b/doc/src/sgml/ref/create_function.sgml @@ -715,7 +715,7 @@ SELECT * FROM dup(42); malicious users from creating objects that mask objects used by the function. Particularly important in this regard is the temporary-table schema, which is searched first by default, and - is normally writable by anyone. A secure arrangement can be had + is normally writable by anyone. A secure arrangement can be obtained by forcing the temporary schema to be searched last. To do this, write <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing functions</></> as the last entry in <varname>search_path</>. This function illustrates safe usage: -- 2.5.5
-- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers