29 lines
1.0 KiB
C
29 lines
1.0 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* Interfaces in support of FE/BE connections.
|
|
*
|
|
*
|
|
* Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
* src/include/common/connect.h
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
#ifndef CONNECT_H
|
|
#define CONNECT_H
|
|
|
|
/*
|
|
* This SQL statement installs an always-secure search path, so malicious
|
|
* users can't take control. CREATE of an unqualified name will fail, because
|
|
* this selects no creation schema. This does not demote pg_temp, so it is
|
|
* suitable where we control the entire FE/BE connection but not suitable in
|
|
* SECURITY DEFINER functions. This is portable to PostgreSQL 7.3, which
|
|
* introduced schemas. When connected to an older version from code that
|
|
* might work with the old server, skip this.
|
|
*/
|
|
#define ALWAYS_SECURE_SEARCH_PATH_SQL \
|
|
"SELECT pg_catalog.set_config('search_path', '', false);"
|
|
|
|
#endif /* CONNECT_H */
|