Support explicit placement of the temporary-table schema within search_path.
Tom Lane <tgl@sss.pgh.pa.us>
Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. Security: CVE-2007-2138
Files
| Path | Change | +/− |
|---|---|---|
| doc/src/sgml/ref/create_function.sgml | modified | +49 −1 |
| doc/src/sgml/release.sgml | modified | +21 −3 |
| doc/src/sgml/runtime.sgml | modified | +12 −4 |
| src/backend/catalog/namespace.c | modified | +144 −18 |
| src/test/regress/expected/temp.out | modified | +58 −0 |
| src/test/regress/sql/temp.sql | modified | +32 −0 |