[dak/master] Set search_path to a secure value.

To: debian-dak@lists.debian.org,dak@commit.ganneff.de
Subject: [dak/master] Set search_path to a secure value.
From: Ansgar Burchardt <ansgar@debian.org>
Date: Sun, 28 Aug 2011 19:24:03 +0000
Message-id: <[🔎] E1Qxkxi-0000EV-M7@franck.debian.org>

---
 dak/dakdb/update66.py |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/dak/dakdb/update66.py b/dak/dakdb/update66.py
index 2f108ba..c9ec9b2 100755
--- a/dak/dakdb/update66.py
+++ b/dak/dakdb/update66.py
@@ -123,7 +123,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("""CREATE OR REPLACE FUNCTION trigger_override_update() RETURNS TRIGGER AS $$
 DECLARE
@@ -182,7 +183,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("CREATE TRIGGER trigger_bin_associations_audit AFTER INSERT OR DELETE ON bin_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
         c.execute("CREATE TRIGGER trigger_src_associations_audit AFTER INSERT OR DELETE ON src_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
-- 
1.7.2.5

Reply to:

Prev by Date: [dak/master] Add SQL triggers for package audits
Next by Date: [dak/master] Rewrite trigger functions in plpgsql.
Previous by thread: [dak/master] Add SQL triggers for package audits
Next by thread: [dak/master] Rewrite trigger functions in plpgsql.
Index(es):
- Date
- Thread