Re: Per-function search_path => per-function GUC settings

"Tom Lane" <tgl@sss.pgh.pa.us> writes:

> I thought about ways to include GUC settings directly into CREATE
> FUNCTION, but it seemed pretty ugly and inconsistent with the
> existing syntax.  So I'm thinking of supporting only the above
> syntaxes, meaning it'll take at least two commands to create a secure
> SECURITY DEFINER function.

I think security definer functions should automatically inherit their
search_path. The whole "secure by default" thing.

It might be best to have a guc variable which controls the variables which are
automatically saved. regexp_flavour and maybe a handful of others could be in
it by default. But that might depend on how expensive it is at run-time. I
wouldn't want trivial SQL functions to no longer be inline-able because one
might one day use a regexp for example.

--  Gregory Stark EnterpriseDB          http://www.enterprisedb.com