On Wed, 14 Feb 2007, Peter Eisentraut wrote:

> By installing functions or operators with appropriate signatures in
> other schemas, users can then redirect any function or operator
> call in the function code to implementations of their choice
> [snip]
> The proper fix for this problem is to insert explicit SET search_path
> commands into each affected function to produce a known safe schema
> search path.

This fix is not enough in certain common configurations. I've sent a
proof of concept to security<at>postgresql.org, but I won't disclose it
before I'm allowed to by the security team.

Regards
Tometzky
-- 
...although Eating Honey was a very good thing to do, there was a
moment just before you began to eat it which was better than when you
were...
                                                      Winnie the Pooh
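
The fix quoted from Peter Eisentraut's message above, shown as an added example that is not part of either message or of the PostgreSQL project's own code. It assumes PostgreSQL 8.3 or later (where CREATE FUNCTION accepts a SET clause) and uses hypothetical names (app, logins, record_login); it makes no claim about the configurations the reply refers to.

```sql
-- Added example. Assumes PostgreSQL 8.3+; app, logins and record_login
-- are hypothetical names chosen for illustration.
CREATE SCHEMA app;
CREATE TABLE app.logins (username text NOT NULL, logged_at timestamptz NOT NULL);

-- Before: logins, lower() and now() are resolved through whatever
-- search_path the caller has set, while the body runs with the
-- privileges of the function owner.
CREATE FUNCTION app.record_login(u text) RETURNS void
LANGUAGE plpgsql SECURITY DEFINER AS $$
BEGIN
    INSERT INTO logins (username, logged_at) VALUES (lower(u), now());
END;
$$;

-- After: the search path is pinned for the duration of the call and
-- restored on exit. pg_temp is listed explicitly and last so temporary
-- objects cannot shadow anything; pg_catalog is still searched first
-- implicitly. Schema-qualifying the names adds a second layer.
CREATE OR REPLACE FUNCTION app.record_login(u text) RETURNS void
LANGUAGE plpgsql SECURITY DEFINER
SET search_path = app, pg_temp
AS $$
BEGIN
    INSERT INTO app.logins (username, logged_at)
    VALUES (pg_catalog.lower(u), pg_catalog.now());
END;
$$;

-- Audit: SECURITY DEFINER functions that carry no per-function
-- search_path setting and therefore still inherit the caller's path.
SELECT p.oid::regprocedure          AS func,
       pg_get_userbyid(p.proowner)  AS owner
FROM pg_catalog.pg_proc p
WHERE p.prosecdef
  AND coalesce(array_to_string(p.proconfig, ','), '') NOT LIKE '%search_path=%'
ORDER BY 1;
```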