rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/test
History
Tom Lane aa27977fe2 Support explicit placement of the temporary-table schema within search_path. 
This is needed to allow a security-definer function to set a truly secure
value of search_path.  Without it, a malicious user can use temporary objects
to execute code with the privileges of the security-definer function.  Even
pushing the temp schema to the back of the search path is not quite good
enough, because a function or operator at the back of the path might still
capture control from one nearer the front due to having a more exact datatype
match.  Hence, disable searching the temp schema altogether for functions and
operators.

Security: CVE-2007-2138
 		2007-04-20 02:37:38 +00:00
..
bench Update CVS HEAD for 2007 copyright. Back branches are typically not 2007-01-05 22:20:05 +00:00
examples Wording cleanup for error messages. Also change can't -> cannot. 2007-02-01 19:10:30 +00:00
locale $Header: -> $PostgreSQL Changes ... 2003-11-29 19:52:15 +00:00
mb Change the backend to reject strings containing invalidly-encoded multibyte 2006-05-21 20:05:21 +00:00
performance Add CVS tag lines to files that were lacking them. 2006-03-11 04:38:42 +00:00
regress Support explicit placement of the temporary-table schema within search_path. 2007-04-20 02:37:38 +00:00
thread Wording cleanup for error messages. Also change can't -> cannot. 2007-02-01 19:10:30 +00:00
Makefile $Header: -> $PostgreSQL Changes ... 2003-11-29 19:52:15 +00:00