Re: temporary functions (and other object types)

On Fri, Nov 05, 2010 at 09:01:50PM -0400, Robert Haas wrote:
> On Fri, Nov 5, 2010 at 4:02 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> > The latter is an intentional security feature and will not get changed.
>
> I see that there could be a problem here with SECURITY DEFINER
> functions, but I'm not clear whether it goes beyond that?

IIRC correctly it's because even unpriveledged users can make things in
the pg_temp schema and it's implicitly at the front of the search_path.
There was a CVE about this a while back, no?

Have a nice day,
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Patriotism is when love of your own people comes first; nationalism,
> when hate for people other than your own comes first.
>                                       - Charles de Gaulle