blob: 5913c548b61a8e283b7cb123e3484d7fcbce8c9b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
/*-------------------------------------------------------------------------
*
* Interfaces in support of FE/BE connections.
*
*
* Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* src/include/common/connect.h
*
*-------------------------------------------------------------------------
*/
#ifndef CONNECT_H
#define CONNECT_H
/*
* This SQL statement installs an always-secure search path, so malicious
* users can't take control. CREATE of an unqualified name will fail, because
* this selects no creation schema. This does not demote pg_temp, so it is
* suitable where we control the entire FE/BE connection but not suitable in
* SECURITY DEFINER functions. This is portable to PostgreSQL 7.3, which
* introduced schemas. When connected to an older version from code that
* might work with the old server, skip this.
*/
#define ALWAYS_SECURE_SEARCH_PATH_SQL \
"SELECT pg_catalog.set_config('search_path', '', false);"
#endif /* CONNECT_H */
|
