Diffstat (limited to 'doc/src/sgml/ref/psql-ref.sgml')
-rw-r--r-- | doc/src/sgml/ref/psql-ref.sgml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/src/sgml/ref/psql-ref.sgml b/doc/src/sgml/ref/psql-ref.sgml index 29fc5b078ee..92e1a2fc5d3 100644 --- a/doc/src/sgml/ref/psql-ref.sgml +++ b/doc/src/sgml/ref/psql-ref.sgml @@ -696,6 +696,18 @@ testdb=> </para> <para> + If untrusted users have access to a database that has not adopted a + <link linkend="ddl-schemas-patterns">secure schema usage pattern</link>, + begin your session by removing publicly-writable schemas + from <varname>search_path</varname>. One can + add <literal>options=-csearch_path=</literal> to the connection string or + issue <literal>SELECT pg_catalog.set_config('search_path', '', + false)</literal> before other SQL commands. This consideration is not + specific to <application>psql</application>; it applies to every interface + for executing arbitrary SQL commands. + </para> + + <para> Whenever a command is executed, <application>psql</application> also polls for asynchronous notification events generated by <xref linkend="SQL-LISTEN"> and |
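Review bot: In the added <para>, the prose says to remove publicly-writable schemas from search_path, but both examples (options=-csearch_path= and pg_catalog.set_config('search_path', '', false)) set it to the empty string, which drops every schema from the path rather than only the publicly-writable ones. Consider stating that explicitly and noting that later commands in the session then need to schema-qualify the objects they reference, so readers are not surprised when unqualified names stop resolving. A short clause explaining the third argument would also help: false makes the setting last for the rest of the session instead of only the current transaction, and "begin your session" depends on that.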