diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index 42553f52203..8adf939952b 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -1,5 +1,5 @@
@@ -389,7 +389,7 @@ CREATE FUNCTION add(integer, integer) RETURNS integer
 Because a SECURITY DEFINER function is executed with the privileges of the user that created it, care is needed to ensure that the function cannot be misused. For security,
- should be set to exclude any schemas
+ search_path should be set to exclude any schemas
 writable by untrusted users. This prevents malicious users from creating objects that mask objects used by the function. Particularly important is in this regard is the