"Tom Lane" <[EMAIL PROTECTED]> writes:

> I thought about ways to include GUC settings directly into CREATE
> FUNCTION, but it seemed pretty ugly and inconsistent with the
> existing syntax.  So I'm thinking of supporting only the above
> syntaxes, meaning it'll take at least two commands to create a secure

I think security definer functions should automatically inherit their
search_path. The whole "secure by default" thing.

It might be best to have a guc variable which controls the variables which are
automatically saved. regexp_flavour and maybe a handful of others could be in
it by default. But that might depend on how expensive it is at run-time. I
wouldn't want trivial SQL functions to no longer be inline-able because one
might one day use a regexp for example.

  Gregory Stark
  EnterpriseDB          http://www.enterprisedb.com

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?


Reply via email to