@ -1,5 +1,5 @@ |
|
|
|
|
<!-- |
|
|
|
|
$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.43.2.1 2007/04/20 02:38:57 tgl Exp $ |
|
|
|
|
$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.43.2.2 2007/04/20 03:10:57 tgl Exp $ |
|
|
|
|
--> |
|
|
|
|
|
|
|
|
|
<refentry id="SQL-CREATEFUNCTION"> |
|
|
|
@ -455,7 +455,7 @@ Point * complex_to_point (Complex *z) |
|
|
|
|
Because a <literal>SECURITY DEFINER</literal> function is executed |
|
|
|
|
with the privileges of the user that created it, care is needed to |
|
|
|
|
ensure that the function cannot be misused. For security, |
|
|
|
|
<xref linkend="guc-search-path"> should be set to exclude any schemas |
|
|
|
|
<varname>search_path</> should be set to exclude any schemas |
|
|
|
|
writable by untrusted users. This prevents |
|
|
|
|
malicious users from creating objects that mask objects used by the |
|
|
|
|
function. Particularly important is in this regard is the |
|
|
|
|
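Review bot: In the `search_path` sentence, replacing `<xref linkend="guc-search-path">` with `<varname>search_path</>` removes the link to the setting's documentation from the one paragraph that tells readers how to set it safely for a `SECURITY DEFINER` function. If the `guc-search-path` target is not available on this branch, say so in the commit message; otherwise keep the cross reference. Separately, the context line "Particularly important is in this regard is the" has a duplicated "is" and should read "Particularly important in this regard is the", which is worth fixing while this paragraph is being touched.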