| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Document security implications of qualified names. |
| Date: | 2018-07-29 03:14:03 |
| Message-ID: | [email protected] |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Document security implications of qualified names.
Commit 5770172cb0c9df9e6ce27c507b449557e5b45124 documented secure schema
usage, and that advice suffices for using unqualified names securely.
Document, in typeconv-func primarily, the additional issues that arise
with qualified names. Back-patch to 9.3 (all supported versions).
Reviewed by Jonathan S. Katz.
Discussion: https://postgr.es/m/[email protected]
Branch
------
REL_11_STABLE
Modified Files
--------------
doc/src/sgml/ddl.sgml | 15 +++--
doc/src/sgml/ref/create_function.sgml | 14 +++--
doc/src/sgml/syntax.sgml | 8 +++
doc/src/sgml/typeconv.sgml | 103 ++++++++++++++++++++++++++++++++--
doc/src/sgml/xfunc.sgml | 25 ++++++---
src/backend/utils/adt/ruleutils.c | 15 ++---
6 files changed, 147 insertions(+), 33 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2018-07-29 13:02:28 | pgsql: Fix two oversights from 9ebe0572 which refactored cluster_rel |
| Previous Message | Tomas Vondra | 2018-07-29 01:43:52 | pgsql: Provide separate header file for built-in float types |