Re: Fix search_path for all maintenance commands
Jeff Davis <pgsql@j-davis.com>
From: Jeff Davis <pgsql@j-davis.com>
To: Nathan Bossart <nathandbossart@gmail.com>, Noah Misch <noah@leadboat.com>
Cc: "David G. Johnston" <david.g.johnston@gmail.com>, Gurjeet Singh
<gurjeet@singh.im>, pgsql-hackers@postgresql.org, Robert Haas
<robertmhaas@gmail.com>, Greg Stark <stark@mit.edu>, Tom Lane
<tgl@sss.pgh.pa.us>
Date: 2023-07-17T19:16:25Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Fix search_path to a safe value during maintenance operations.
- 2af07e2f749a 17.0 landed
- 05e173735171 16.0 landed
-
Make relation-enumerating operations be security-restricted operations.
- a117cebd638d 15.0 cited
On Mon, 2023-07-17 at 10:58 -0700, Nathan Bossart wrote: > On Sat, Jul 15, 2023 at 02:13:33PM -0700, Noah Misch wrote: > > The 2018 security fixes instigated many function repairs that > > $SUBJECT would > > otherwise instigate. That wasn't too painful. The net new pain of > > $SUBJECT > > will be less, since the 2018 security fixes prepared the path. > > Hence, I > > remain +1 for the latest Davis proposal. > > I concur. Based on feedback, I plan to commit soon. Tom's objection seemed specific to v16, and Robert's concern seemed to be about having the MAINTAIN privilege without this patch. If I missed any objections to this patch, please let me know. If we hear about breakage that suggests we need an escape hatch GUC, we have time to add one later. I remain open to considering more complete fixes for the search_path problems. Regards, Jeff Davis