Hi, User can create database objects such as functions into pg_catalog. But if I'm not missing something, currently there is no straightforward way to identify if the object is a user created object or a system object which is created during initdb. If we can do that user will be able to check if malicious functions are not created in the database, which is important from the security perspective.
I've attached PoC patch to introduce a SQL function pg_is_user_object() that returns true if the given oid is user object oid, that is greater than or equal to FirstNormalObjectId. Feedback is very welcome. Regards, -- Masahiko Sawada http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
identify_user_object.patch
Description: Binary data
