On 3/29/07, Stephen Frost <[EMAIL PROTECTED]> wrote:
* Merlin Moncure ([EMAIL PROTECTED]) wrote:
> fwiw, I think this is a great solution...because the default behavior
> is preserved you get through without any extra guc settings (although
> you may want to add one anyways).

I agree that the proposed solution looks good.

> maybe security definer functions should raise a warning for implicit
> PATH NONE, and possibly even deprecate that behavior and force people
> to type it out in future (8.4+) releases.

While I agree that raising a warning makes sense I don't believe it
should be forced.  There may be cases where, even in security definer
functions, the current search_path should be used (though, of course,
care must be taken in writing such functions).

I agree...I'm just suggesting to make you explicitly write 'PATH NONE'
for security definer functions because of the security risk...just a
thought though.


---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend

Reply via email to