diff options
| -rw-r--r-- | doc/src/sgml/ref/create_function.sgml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml index 42553f52203..8adf939952b 100644 --- a/doc/src/sgml/ref/create_function.sgml +++ b/doc/src/sgml/ref/create_function.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.53.2.2 2007/04/20 02:38:44 tgl Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.53.2.3 2007/04/20 03:10:51 tgl Exp $ --> <refentry id="SQL-CREATEFUNCTION"> @@ -389,7 +389,7 @@ CREATE FUNCTION add(integer, integer) RETURNS integer Because a <literal>SECURITY DEFINER</literal> function is executed with the privileges of the user that created it, care is needed to ensure that the function cannot be misused. For security, - <xref linkend="guc-search-path"> should be set to exclude any schemas + <varname>search_path</> should be set to exclude any schemas writable by untrusted users. This prevents malicious users from creating objects that mask objects used by the function. Particularly important is in this regard is the |