From b52daab0399566081e50d41f0ffe5c3c1e2ed2d0 Mon Sep 17 00:00:00 2001
From: Ansgar Burchardt <ansgar@debian.org>
Date: Fri, 19 Aug 2011 20:05:42 +0200
Subject: [PATCH] Set search_path to a secure value.

---
 dak/dakdb/update66.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/dak/dakdb/update66.py b/dak/dakdb/update66.py
index 2f108bae..c9ec9b2b 100755
--- a/dak/dakdb/update66.py
+++ b/dak/dakdb/update66.py
@@ -123,7 +123,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("""CREATE OR REPLACE FUNCTION trigger_override_update() RETURNS TRIGGER AS $$
 DECLARE
@@ -182,7 +183,8 @@ BEGIN
 
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER""");
+$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER
+SET search_path = public, pg_temp""");
 
         c.execute("CREATE TRIGGER trigger_bin_associations_audit AFTER INSERT OR DELETE ON bin_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
         c.execute("CREATE TRIGGER trigger_src_associations_audit AFTER INSERT OR DELETE ON src_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
-- 
2.39.5