database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-22 02:52:08 +03:00
Code Activity

Fix search_path to a safe value during maintenance operations.

Browse Source 
While executing maintenance operations (ANALYZE, CLUSTER, REFRESH
MATERIALIZED VIEW, REINDEX, or VACUUM), set search_path to
'pg_catalog, pg_temp' to prevent inconsistent behavior.

Functions that are used for functional indexes, in index expressions,
or in materialized views and depend on a different search path must be
declared with CREATE FUNCTION ... SET search_path='...'.

This change was previously committed as 05e1737351, then reverted in
commit 2fcc7ee7af because it was too late in the cycle.

Preparation for the MAINTAIN privilege, which was previously reverted
due to search_path manipulation hazards.

Discussion: https://postgr.es/m/d4ccaf3658cb3c281ec88c851a09733cd9482f22.camel@j-davis.com
Discussion: https://postgr.es/m/E1q7j7Y-000z1H-Hr%40gemulon.postgresql.org
Discussion: https://postgr.es/m/e44327179e5c9015c8dda67351c04da552066017.camel%40j-davis.com
Reviewed-by: Greg Stark, Nathan Bossart, Noah Misch
This commit is contained in:
Jeff Davis
2024-03-04 17:31:38 -08:00
parent 2c29e7fc95
commit 2af07e2f74
30 changed files with 200 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/backend/commands/indexcmds.c
View File

@ -585,6 +585,10 @@ DefineIndex(Oid tableId,
root_save_nestlevel = NewGUCNestLevel();
if (!IsBootstrapProcessingMode())
SetConfigOption("search_path", GUC_SAFE_SEARCH_PATH, PGC_USERSET,
PGC_S_SESSION);
/*
* Some callers need us to run with an empty default_tablespace; this is a
* necessary hack to be able to reproduce catalog state accurately when
@ -1340,6 +1344,8 @@ DefineIndex(Oid tableId,
SetUserIdAndSecContext(childrel->rd_rel->relowner,
child_save_sec_context | SECURITY_RESTRICTED_OPERATION);
child_save_nestlevel = NewGUCNestLevel();
SetConfigOption("search_path", GUC_SAFE_SEARCH_PATH, PGC_USERSET,
PGC_S_SESSION);
/*
* Don't try to create indexes on foreign tables, though. Skip
@ -3881,6 +3887,8 @@ ReindexRelationConcurrently(const ReindexStmt *stmt, Oid relationOid, const Rein
SetUserIdAndSecContext(heapRel->rd_rel->relowner,
save_sec_context | SECURITY_RESTRICTED_OPERATION);
save_nestlevel = NewGUCNestLevel();
SetConfigOption("search_path", GUC_SAFE_SEARCH_PATH, PGC_USERSET,
PGC_S_SESSION);
/* determine safety of this index for set_indexsafe_procflags */
idx->safe = (indexRel->rd_indexprs == NIL &&