On Tue, Aug 16, 2022 at 03:34:22PM -0400, Tom Lane wrote:
> Bruce Momjian <br...@momjian.us> writes:
> > I have written the attached patch to mention this issue about sql_body
> > functions.
>
> Spell-check, please. Seems OK otherwise.
Just when I think I didn't add enough text to warrant a spell check.
:-( Updated patch attached.
--
Bruce Momjian <br...@momjian.us> https://momjian.us
EDB https://enterprisedb.com
Indecision is a decision. Inaction is an action. Mark Batterson
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index 7e6d52c7dc..35869bf6ba 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -779,7 +779,10 @@ SELECT * FROM dup(42);
<para>
Because a <literal>SECURITY DEFINER</literal> function is executed
with the privileges of the user that owns it, care is needed to
- ensure that the function cannot be misused. For security,
+ ensure that the function cannot be misused. This is particularly
+ important for non-<replaceable>sql_body</replaceable> functions because
+ their function bodies are evaluated at run-time, not creation time.
+ For security,
<xref linkend="guc-search-path"/> should be set to exclude any schemas
writable by untrusted users. This prevents
malicious users from creating objects (e.g., tables, functions, and
