From: Ansgar Burchardt <ansgar@debian.org>
Date: Fri, 19 Aug 2011 18:05:42 +0000 (+0200)
Subject: Set search_path to a secure value.
X-Git-Url: https://git.decadent.org.uk/gitweb/?a=commitdiff_plain;h=b52daab0399566081e50d41f0ffe5c3c1e2ed2d0;p=dak.git

Set search_path to a secure value.
---

diff --git a/dak/dakdb/update66.py b/dak/dakdb/update66.py
index 2f108bae..c9ec9b2b 100755
--- a/dak/dakdb/update66.py
+++ b/dak/dakdb/update66.py
@@ -123,7 +123,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("""CREATE OR REPLACE FUNCTION trigger_override_update() RETURNS TRIGGER AS $$
 DECLARE
@@ -182,7 +183,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("CREATE TRIGGER trigger_bin_associations_audit AFTER INSERT OR DELETE ON bin_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
         c.execute("CREATE TRIGGER trigger_src_associations_audit AFTER INSERT OR DELETE ON src_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")