public inbox for [email protected]
help / color / mirror / Atom feedRe: search_path wildcard?
2+ messages / 2 participants
[nested] [flat]
* Re: search_path wildcard?
@ 2024-05-22 17:58 Tom Lane <[email protected]>
2024-05-22 19:12 ` Re: search_path wildcard? Ron Johnson <[email protected]>
0 siblings, 1 reply; 2+ messages in thread
From: Tom Lane @ 2024-05-22 17:58 UTC (permalink / raw)
To: Ron Johnson <[email protected]>; +Cc: pgsql-general
Ron Johnson <[email protected]> writes:
> That would be a helpful feature for administrators, when there are multiple
> schemas in multiple databases, on multiple servers: superusers get ALTER
> ROLE foo SET SEARCH_PATH = '*'; and they're done with it.
... and they're pwned within five minutes by any user with the wits
to create a trojan-horse function or operator. Generally speaking,
you want admins to run with a minimal search path not a maximal one.
regards, tom lane
^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: search_path wildcard?
2024-05-22 17:58 Re: search_path wildcard? Tom Lane <[email protected]>
@ 2024-05-22 19:12 ` Ron Johnson <[email protected]>
0 siblings, 0 replies; 2+ messages in thread
From: Ron Johnson @ 2024-05-22 19:12 UTC (permalink / raw)
To: pgsql-generallists.postgresql.org <[email protected]>
On Wed, May 22, 2024 at 1:58 PM Tom Lane <[email protected]> wrote:
> Ron Johnson <[email protected]> writes:
> > That would be a helpful feature for administrators, when there are
> multiple
> > schemas in multiple databases, on multiple servers: superusers get ALTER
> > ROLE foo SET SEARCH_PATH = '*'; and they're done with it.
>
> ... and they're pwned within five minutes by any user with the wits
> to create a trojan-horse function or operator. Generally speaking,
> you want admins to run with a minimal search path not a maximal one.
>
Missing tables when running "\t" is a bigger hassle.
^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2024-05-22 19:12 UTC | newest]
Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2024-05-22 17:58 Re: search_path wildcard? Tom Lane <[email protected]>
2024-05-22 19:12 ` Ron Johnson <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox