/Users/deen/code/yugabyte-db/src/postgres/src/include/fe_utils/connect.h
Line | Count | Source (jump to first uncovered line) |
1 | | /*------------------------------------------------------------------------- |
2 | | * |
3 | | * Interfaces in support of FE/BE connections. |
4 | | * |
5 | | * |
6 | | * Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group |
7 | | * Portions Copyright (c) 1994, Regents of the University of California |
8 | | * |
9 | | * src/include/fe_utils/connect.h |
10 | | * |
11 | | *------------------------------------------------------------------------- |
12 | | */ |
13 | | #ifndef CONNECT_H |
14 | | #define CONNECT_H |
15 | | |
16 | | /* |
17 | | * This SQL statement installs an always-secure search path, so malicious |
18 | | * users can't take control. CREATE of an unqualified name will fail, because |
19 | | * this selects no creation schema. This does not demote pg_temp, so it is |
20 | | * suitable where we control the entire FE/BE connection but not suitable in |
21 | | * SECURITY DEFINER functions. This is portable to PostgreSQL 7.3, which |
22 | | * introduced schemas. When connected to an older version from code that |
23 | | * might work with the old server, skip this. |
24 | | */ |
25 | | #define ALWAYS_SECURE_SEARCH_PATH_SQL \ |
26 | 0 | "SELECT pg_catalog.set_config('search_path', '', false)" |
27 | | |
28 | | #endif /* CONNECT_H */ |