On Tue, 2024-06-11 at 14:56 +0200, Alexander Kukushkin wrote:
> Now attackers can just set search_path for the current session.
IIUC, the proposal is that only the function's "SET" clause can
override the behavior, not a top-level SET command.
Regards,
Jeff Davis