From f8a432dbe5adacb8027aeef3ef536b3b2b040d70 Mon Sep 17 00:00:00 2001
From: Laurenz Albe <laurenz.albe@wien.gv.at>
Date: Fri, 15 Jul 2016 13:45:21 +0200
Subject: [PATCH] Improve example in CREATE FUNCTION documentation

Explain in more detail why it is a good idea to have pg_temp
as the last search_path element in SECURITY DEFINER functions.
---
 doc/src/sgml/ref/create_function.sgml |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index 097e2bd..d8d5324 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -753,7 +753,10 @@ SELECT * FROM dup(42);
     malicious users from creating objects that mask objects used by the
     function.  Particularly important in this regard is the
     temporary-table schema, which is searched first by default, and
-    is normally writable by anyone.  A secure arrangement can be obtained
+    is normally writable by anyone (even though functions and operators
+    in this schema are never used unless explicitly qualified, it should be
+    made sure that no temporary table will be accessed by accident).
+    A secure arrangement can be obtained
     by forcing the temporary schema to be searched last.  To do this,
     write <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing functions</></> as the last entry in <varname>search_path</>.
     This function illustrates safe usage:
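Review bot: The parenthetical added after "is normally writable by anyone" uses the awkward passive "it should be made sure that" and puts the whole rationale into a long aside in the middle of the sentence. Consider ending the sentence at "writable by anyone." and following it with a separate sentence, for example: "Functions and operators in this schema are never used unless explicitly qualified, but a temporary table can still mask a table that the function references by an unqualified name." That wording also ties the risk to the masking by malicious users that the preceding context lines describe. "Accessed by accident" reads more like a mistake by the function's author than something another user arranges.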
-- 
1.7.1

