Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtp (Exim 4.84_2)
	(envelope-from
 <pgsql-hackers-owner+M338929=pgsql-hackers-arkari@postgresql.org>)
	id 1eAJBr-0007gy-Li
	for pgsql-hackers@arkaria.postgresql.org; Thu, 02 Nov 2017 17:22:03 +0000
Received: from localhost ([127.0.0.1] helo=postgresql.org)
	by malur.postgresql.org with smtp (Exim 4.84_2)
	(envelope-from
 <pgsql-hackers-owner+M338929=pgsql-hackers-arkari@postgresql.org>)
	id 1eAJBr-0000Ia-2P
	for pgsql-hackers@arkaria.postgresql.org; Thu, 02 Nov 2017 17:22:03 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256)
	(Exim 4.84_2)
	(envelope-from <robertmhaas@gmail.com>)
	id 1eAJBq-0000Fm-BZ
	for pgsql-hackers@postgresql.org; Thu, 02 Nov 2017 17:22:02 +0000
Received: from mail-qk0-x233.google.com ([2607:f8b0:400d:c09::233])
	by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.84_2)
	(envelope-from <robertmhaas@gmail.com>)
	id 1eAJBm-0005rl-Jz
	for pgsql-hackers@postgresql.org; Thu, 02 Nov 2017 17:22:01 +0000
Received: by mail-qk0-x233.google.com with SMTP id 17so282142qkq.8
        for <pgsql-hackers@postgresql.org>;
 Thu, 02 Nov 2017 10:21:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=K5YZKMKkc8QtisOAG3d7NmbRYnJCDj38kaJOypvKsF8=;
        b=YFMrdC5d/FPFHVNWWa+4BTmZqKV/d+vCG5zSiXXKwdGTZ1bwphNc3WNMvK9wMAr0r7
         oT1WDAGT1nKocFk6wRbZnnjCDAbty4oau5/gxVM76vuVDpxyXZ0yAiZjE8MmuxmIq7Hv
         gZPh54NS/3PzVAEAoo2e0VM5pDnMDqkFGBL1bfwIn/50wx9ZuxWffZ1bUNvTVg8W+SUO
         BEw5G+OJt+tguED0eH44bZIlR2gVBgxjio3BU1gnVQ1QGjClQwOH8aegnKXNljZWCvzN
         gnZcGKjA/YOog7+nLyJop9gXpgmrMt4dkOMpbMgzqQP1RHNzfFsLO7vi5Z2GP5TbfdFR
         RwzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=K5YZKMKkc8QtisOAG3d7NmbRYnJCDj38kaJOypvKsF8=;
        b=W11KVdXq4md9gaGHcglKmZSc6aGLdgkqyEYYTFPv82SaELuIMqXHTasiVbNwxSJcwe
         TPnNDDh/TA9bV2GULUncJTQBvhz2MCkfEfCgNC2iA2z3UKPNkWYA3wuMxAVXkz6ijD5f
         D0BIRhGjzXmes7U4QEBxJj0RizbZJiAFkM6i1i9gbUpV5v/g6gxPsHd0mA4URywXd9Np
         4jVrbwKP/RXwiZvarx6z8LP4ICHaPw3vXWTZzKDz4QDLTHVZCDuBYJxhsi06E3HZ38H2
         M03obaNHs2NsC41prwGZUbuleJWV666DDX/RHuwbycCHKlBqIme3yRq1tLFwKNnePOgm
         t5Tw==
X-Gm-Message-State: AMCzsaUI1fQnnORw3vGg7MJ8uU5Stq66oL3ef6y28Zd3fTjWZHQjHAXr
	+8xN4rT31DrWNnoT7OAlFh1GwBVokSYXmkwIowU=
X-Google-Smtp-Source: 
 ABhQp+RIsBfQdXgdrOOCGlrQ6mUWAMujmEUOkSC3VXQRvE2z+9cUS3ec4Dm5e1ae69Lof+lFbSFWnBK+8JCFwldT07I=
X-Received: by 10.55.25.164 with SMTP id 36mr5485301qkz.221.1509643315575;
 Thu, 02 Nov 2017 10:21:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.63.174 with HTTP; Thu, 2 Nov 2017 10:21:54 -0700 (PDT)
In-Reply-To: <20171102153505.GP4496@localhost>
References: 
 <CAFj8pRDY+m9OOxfO10R7J0PAkCCauM-TweaTrdsrsLGMb1VbEQ@mail.gmail.com>
 <CA+TgmoaZ0iymUS_ZM6LW2yWjabwQs4K8=4GYR1+u-V7ROPz0nA@mail.gmail.com>
 <20171102153505.GP4496@localhost>
From: Robert Haas <robertmhaas@gmail.com>
Date: Thu, 2 Nov 2017 22:51:54 +0530
Message-ID: 
 <CA+TgmoYXZMFp9KuVbkOYeTcSb1wqJifFKSnaamBbzfs3sRvi1Q@mail.gmail.com>
Subject: Re: proposal: schema variables
To: Nico Williams <nico@cryptonector.com>
Cc: Pavel Stehule <pavel.stehule@gmail.com>,
	PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Content-Type: text/plain; charset="UTF-8"
List-Archive: <http://archives.postgresql.org/pgsql-hackers>
List-Help: <mailto:majordomo@postgresql.org?body=help>
List-ID: <pgsql-hackers.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@postgresql.org>
List-Post: <mailto:pgsql-hackers@postgresql.org>
List-Subscribe: <mailto:majordomo@postgresql.org?body=sub%20pgsql-hackers>
List-Unsubscribe: <mailto:majordomo@postgresql.org?body=unsub%20pgsql-hackers>
X-Mailing-List: pgsql-hackers
Precedence: bulk
Sender: pgsql-hackers-owner@postgresql.org

On Thu, Nov 2, 2017 at 9:05 PM, Nico Williams <nico@cryptonector.com> wrote:
>> Overloading SET to handle both variables and GUCs seems likely to
>> create problems, possibly including security problems.  For example,
>> maybe a security-definer function could leave behind variables to
>> trick the calling code into failing to set GUCs that it intended to
>> set.  Or maybe creating a variable at the wrong time will just break
>> things randomly.
>
> That's already true of GUCs, since there are no access controls on
> set_config()/current_setting().

No, it isn't.  Right now, SET always refers to a GUC, never a
variable, so there's no possibility of getting confused about whether
it's intending to change a GUC or an eponymous variable.  Once you
make SET able to change either one of two different kinds of objects,
then that possibility does exist.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers