upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-15 22:10:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/doc/src/sgml
History
Tom Lane d694bdd1c9 Support explicit placement of the temporary-table schema within search_path. 
This is needed to allow a security-definer function to set a truly secure
value of search_path.  Without it, a malicious user can use temporary objects
to execute code with the privileges of the security-definer function.  Even
pushing the temp schema to the back of the search path is not quite good
enough, because a function or operator at the back of the path might still
capture control from one nearer the front due to having a more exact datatype
match.  Hence, disable searching the temp schema altogether for functions and
operators.

Security: CVE-2007-2138
2007-04-20 02:37:49 +00:00
..
ref Support explicit placement of the temporary-table schema within search_path. 2007-04-20 02:37:49 +00:00
advanced.sgml Some marginal editorial improvements and updates in the tutorial. 2006-10-21 23:12:57 +00:00
arch-dev.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
array.sgml Fix broken markup. 2007-03-24 16:46:28 +00:00
backup.sgml Editorial improvements to backup and warm-standby documentation. 2006-12-01 03:29:15 +00:00
biblio.sgml Update URL for "Generalized Partial Indexes" paper to point to a cached 2007-02-08 04:31:41 +00:00
bki.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
catalogs.sgml Do a round of copy-editing for the system catalog chapter. In particular, 2006-11-12 06:25:37 +00:00
charset.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
client-auth.sgml Document that LDAP URLs should be double-quoted in pg_hba.conf because 2007-03-24 21:46:25 +00:00
config.sgml Support explicit placement of the temporary-table schema within search_path. 2007-04-20 02:37:49 +00:00
contacts.sgml Make $PostgreSQL CVS tags consistent for SGML files. 2006-03-10 19:10:50 +00:00
cvs.sgml Remove a bunch of antique information from the appendix in the docs 2006-11-17 05:29:46 +00:00
datatype.sgml Arrange to install a "posixrules" entry in our timezone database, so that 2007-03-14 17:38:15 +00:00
datetime.sgml Fix up some problems in handling of zic-style time zone names in datetime 2006-10-17 21:03:21 +00:00
ddl.sgml Fix inheritance description to note that not-null constraints are 2006-11-28 01:09:01 +00:00
dfunc.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
diskusage.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
dml.sgml Documentation for VALUES lists. Joe Conway and Tom Lane 2006-09-18 19:54:01 +00:00
docguide.sgml Back out double-run of PDF/PS output. Requires building bookindex.sgml 2006-12-15 16:50:10 +00:00
ecpg.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
errcodes.sgml Code review for SELECT INTO STRICT patch: use saner choices of error 2006-06-16 23:29:27 +00:00
extend.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
external-projects.sgml Overhaul the "External Projects" chapter in the manual. Replace 2006-11-20 17:42:16 +00:00
features.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
filelist.sgml Rename replication section "High Availability and Load Balancing". 2006-11-17 16:38:44 +00:00
fixrtf Add CVS tag lines to files that were lacking them. 2006-03-11 04:38:42 +00:00
func.sgml Backpatch doc change SYMETRIC -> SYMMETRIC, for 8.2.X. 2007-04-07 15:43:47 +00:00
geqo.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
gin.sgml Editorial improvements for GIN documentation. 2006-12-01 23:46:46 +00:00
gist.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
high-availability.sgml Mention file system replication as a high availability solution in the 2007-02-01 21:03:00 +00:00
history.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
indexam.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
indices.sgml Editorial improvements for GIN documentation. 2006-12-01 23:46:46 +00:00
info.sgml Make $PostgreSQL CVS tags consistent for SGML files. 2006-03-10 19:10:50 +00:00
information_schema.sgml Fix broken markup. 2007-03-24 16:46:28 +00:00
install-win32.sgml Reword suggestion that libpq.dll be installed in WINNT\SYSTEM32 under 2007-02-02 16:10:10 +00:00
installation.sgml Document that a client-only install using: 2007-02-03 23:01:13 +00:00
intro.sgml Make $PostgreSQL CVS tags consistent for SGML files. 2006-03-10 19:10:50 +00:00
keywords.sgml Updated keyword table for 8.2 2006-10-08 20:51:52 +00:00
legal.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
libpq.sgml Update SSL description for when SSL root.crt/server.crt is required; 2007-03-30 03:19:19 +00:00
lobj.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
maintenance.sgml Document need for periodic REINDEX in VACUUM FULL cases. 2007-01-31 04:13:28 +00:00
Makefile Back out double-run of PDF/PS output. Requires building bookindex.sgml 2006-12-15 16:50:10 +00:00
manage-ag.sgml Document that to remove template1, datistemplate must be 'false'. 2007-01-20 15:43:58 +00:00
mk_feature_tables.pl Add CVS tag lines to files that were lacking them. 2006-03-11 04:38:42 +00:00
monitoring.sgml Fix broken markup. 2006-12-27 16:04:47 +00:00
mvcc.sgml Adjust the description of locking to clarify that locks held by a 2006-12-01 01:04:36 +00:00
nls.sgml Make $PostgreSQL CVS tags consistent for SGML files. 2006-03-10 19:10:50 +00:00
notation.sgml Make $PostgreSQL CVS tags consistent for SGML files. 2006-03-10 19:10:50 +00:00
perform.sgml The -X option in pg_dump was supposed to be a workaround for the lack of 2006-10-07 20:59:05 +00:00
planstats.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
plhandler.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
plperl.sgml Update documentation for backslashes to mention escape string syntax 2007-01-30 22:29:40 +00:00
plpgsql.sgml Update documentation for backslashes to mention escape string syntax 2007-01-30 22:29:40 +00:00
plpython.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
pltcl.sgml Update documentation for backslashes to mention escape string syntax 2007-01-30 22:29:40 +00:00
postgres.sgml Rename replication section "High Availability and Load Balancing". 2006-11-17 16:38:44 +00:00
problems.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
protocol.sgml Change processing of extended-Query mode so that an unnamed statement 2006-09-06 20:40:48 +00:00
queries.sgml Rewrite discussion of ORDER BY to emphasize the SQL99 expression case 2006-10-24 02:24:27 +00:00
query.sgml Some marginal editorial improvements and updates in the tutorial. 2006-10-21 23:12:57 +00:00
reference.ced Deprecate 'current' for date/time input. 2001-11-21 05:53:41 +00:00
reference.sgml Documentation for VALUES lists. Joe Conway and Tom Lane 2006-09-18 19:54:01 +00:00
regress.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
release.sgml Support explicit placement of the temporary-table schema within search_path. 2007-04-20 02:37:49 +00:00
rowtypes.sgml Update documentation for backslashes to mention escape string syntax 2007-01-30 22:29:40 +00:00
rules.sgml Use FROM clause in example UPDATE commands where appropriate. Also 2006-12-27 16:07:42 +00:00
runtime.sgml Update SSL description for when SSL root.crt/server.crt is required; 2007-03-30 03:19:19 +00:00
sources.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
spi.sgml Spellchecking and such 2006-10-23 18:10:32 +00:00
sql.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
standalone-install.sgml $Header: -> $PostgreSQL Changes ... 2003-11-29 19:52:15 +00:00
start.sgml Some marginal editorial improvements and updates in the tutorial. 2006-10-21 23:12:57 +00:00
storage.sgml Fix misspellings of GB. 2006-11-25 22:55:59 +00:00
stylesheet-hh.xsl Add htmlhelp stylesheet and build target. 2004-11-23 16:27:59 +00:00
stylesheet.css Override upstream DSSSL style sheet formatting changes 2004-06-29 20:44:34 +00:00
stylesheet.dsl Back out double-run of PDF/PS output. Requires building bookindex.sgml 2006-12-15 16:50:10 +00:00
stylesheet.xsl Some refinement of XSLT processing: The result now looks just about as good 2004-01-15 23:51:32 +00:00
syntax.sgml Comment-out documentation for IS OF because it doesn't conform to the 2007-02-20 14:05:02 +00:00
trigger.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
typeconv.sgml Documentation for VALUES lists. Joe Conway and Tom Lane 2006-09-18 19:54:01 +00:00
user-manag.sgml Get rid of the separate RULE privilege for tables: now only a table's owner 2006-09-05 21:08:36 +00:00
wal.sgml Correct misspellings of kB. 2006-11-25 22:44:48 +00:00
xaggr.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
xfunc.sgml Update documentation for backslashes to mention escape string syntax 2007-01-30 22:29:40 +00:00
xindex.sgml Editorial improvements for GIN documentation. 2006-12-01 23:46:46 +00:00
xoper.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00
xplang.sgml Overhaul the "External Projects" chapter in the manual. Replace 2006-11-20 17:42:16 +00:00
xtypes.sgml Remove emacs info from footer of SGML files. 2006-09-16 00:30:20 +00:00