On Mon, Feb 26, 2024 at 9:13 AM shveta malik <shveta.ma...@gmail.com> wrote: > > On Fri, Feb 23, 2024 at 7:41 PM Bertrand Drouvot > <bertranddrouvot...@gmail.com> wrote: > > > > Hi, > > > I think to set secure search path for remote connection, the standard > > > approach > > > could be to extend the code in libpqrcv_connect[1], so that we don't need > > > to schema > > > qualify all the operators in the queries. > > > > > > And for local connection, I agree it's also needed to add a > > > SetConfigOption("search_path", "" call in the slotsync worker. > > > > > > [1] > > > libpqrcv_connect > > > ... > > > if (logical) > > > ... > > > res = libpqrcv_PQexec(conn->streamConn, > > > > > > ALWAYS_SECURE_SEARCH_PATH_SQL); > > > > > > > Agree, something like in the attached? (it's .txt to not disturb the CF > > bot). > > Thanks for the patch, changes look good. I have corporated it in the > patch which addresses the rest of your comments in [1]. I have > attached the patch as .txt >
Few comments: =============== 1. - if (logical) + if (logical || !replication) { Can we add a comment about connection types that require ALWAYS_SECURE_SEARCH_PATH_SQL? 2. Can we add a test case to demonstrate that the '=' operator can be hijacked to do different things when the slotsync worker didn't use ALWAYS_SECURE_SEARCH_PATH_SQL? -- With Regards, Amit Kapila.