rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

revert "warn of SECURITY DEFINER schemas for non-sql_body funcs" 

doc revert of commit 1703726488.  Change was applied to irrelevant
branches, and was not detailed enough to be helpful in relevant
branches.

Reported-by: Peter Eisentraut, Noah Misch

Discussion: https://postgr.es/m/a2dc9de4-24fc-3222-87d3-0def8057d7d8@enterprisedb.com

Backpatch-through: 10
This commit is contained in:
Bruce Momjian 2022-09-28 13:05:20 -04:00
parent 1dd468c348
commit 538c8ff2c0
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/src/sgml/ref/create_function.sgml
View File

@ -729,10 +729,7 @@ SELECT * FROM dup(42);
<para> <para>
Because a <literal>SECURITY DEFINER</literal> function is executed Because a <literal>SECURITY DEFINER</literal> function is executed
with the privileges of the user that owns it, care is needed to with the privileges of the user that owns it, care is needed to
ensure that the function cannot be misused. This is particularly ensure that the function cannot be misused. For security,
important for non-<replaceable>sql_body</replaceable> functions because
their function bodies are evaluated at run-time, not creation time.
For security,
<xref linkend="guc-search-path"/> should be set to exclude any schemas <xref linkend="guc-search-path"/> should be set to exclude any schemas
writable by untrusted users. This prevents writable by untrusted users. This prevents
malicious users from creating objects (e.g., tables, functions, and malicious users from creating objects (e.g., tables, functions, and