/*-------------------------------------------------------------------------
 *
 * Interfaces in support of FE/BE connections.
 *
 *
 * Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * src/include/fe_utils/connect.h
 *
 *-------------------------------------------------------------------------
 */
#ifndef CONNECT_H
#define CONNECT_H

/*
 * This SQL statement installs an always-secure search path, so malicious
 * users can't take control.  CREATE of an unqualified name will fail, because
 * this selects no creation schema.  This does not demote pg_temp, so it is
 * suitable where we control the entire FE/BE connection but not suitable in
 * SECURITY DEFINER functions.  This is portable to PostgreSQL 7.3, which
 * introduced schemas.  When connected to an older version from code that
 * might work with the old server, skip this.
 *
 * Notes for callers:
 *
 * - The statement sets search_path to the empty string.  pg_catalog is still
 *   searched implicitly, so built-in objects resolve without qualification;
 *   every reference to an object in any other schema must be
 *   schema-qualified in the statements that follow.
 *
 * - set_config() is itself called as pg_catalog.set_config, so the call does
 *   not depend on the search path that was in effect before it ran.
 *
 * - The third argument (is_local) is false, so the setting lasts for the
 *   session rather than only for the current transaction.
 *
 * - "Does not demote pg_temp" means that pg_temp, not being listed, is still
 *   searched implicitly for relation and type names.  That is acceptable
 *   when the client owns the whole session, which is why the statement is not
 *   a substitute for an explicit search_path (with pg_temp last) on a
 *   SECURITY DEFINER function.
 *
 * - NOTE(review): nothing in this header checks that the statement succeeded.
 *   Callers presumably verify the query result before issuing further
 *   commands, since on failure the previous search path stays in effect;
 *   confirm at each call site.
 */
#define ALWAYS_SECURE_SEARCH_PATH_SQL \
	"SELECT pg_catalog.set_config('search_path', '', false);"

#endif							/* CONNECT_H */