diff options
author | Bruce Momjian <bruce@momjian.us> | 2022-09-28 13:05:20 -0400 |
---|---|---|
committer | Bruce Momjian <bruce@momjian.us> | 2022-09-28 13:05:20 -0400 |
commit | b28a0649aee2d292d7392941b720fa234de5e158 (patch) | |
tree | 51f3870485338c702baaca49057d3c9edad04963 | |
parent | c0c2a9b01a85fd95195af997e0c1dfaaafa3b20b (diff) | |
download | postgresql-b28a0649aee2d292d7392941b720fa234de5e158.tar.gz |
revert "warn of SECURITY DEFINER schemas for non-sql_body funcs"
doc revert of commit 1703726488. Change was applied to irrelevant
branches, and was not detailed enough to be helpful in relevant
branches.
Reported-by: Peter Eisentraut, Noah Misch
Discussion: https://postgr.es/m/a2dc9de4-24fc-3222-87d3-0def8057d7d8@enterprisedb.com
Backpatch-through: 10
-rw-r--r-- | doc/src/sgml/ref/create_function.sgml | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml index e60e93ea7b..81d0867697 100644 --- a/doc/src/sgml/ref/create_function.sgml +++ b/doc/src/sgml/ref/create_function.sgml @@ -753,10 +753,7 @@ SELECT * FROM dup(42); <para> Because a <literal>SECURITY DEFINER</literal> function is executed with the privileges of the user that owns it, care is needed to - ensure that the function cannot be misused. This is particularly - important for non-<replaceable>sql_body</replaceable> functions because - their function bodies are evaluated at run-time, not creation time. - For security, + ensure that the function cannot be misused. For security, <xref linkend="guc-search-path"> should be set to exclude any schemas writable by untrusted users. This prevents malicious users from creating objects (e.g., tables, functions, and |