Doc patch, put pg_temp into the documentation's index
Hi,
2 patches:
pg_temp-toindex.patch
Puts pg_temp into the index of the docs.
(Line lengths are ugly so the change can
be easily reviewed.)
pg_temp-reformat.patch
Reformats the doc source after the
above patch. (Fixes line length.)
Regards,
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
Attachments:
pg_temp-toindex.patchtext/x-patch; charset=us-ascii; name=pg_temp-toindex.patchDownload
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index 4bd06ed..f041309 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -4799,7 +4799,7 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;
Likewise, the current session's temporary-table schema,
<literal>pg_temp_<replaceable>nnn</></>, is always searched if it
exists. It can be explicitly listed in the path by using the
- alias <literal>pg_temp</>. If it is not listed in the path then
+ alias <literal>pg_temp</><indexterm><primary>pg_temp</></>. If it is not listed in the path then
it is searched first (even before <literal>pg_catalog</>). However,
the temporary schema is only searched for relation (table, view,
sequence, etc) and data type names. It is never searched for
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index 4336e4b..fee6f53 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -684,7 +684,7 @@ SELECT * FROM dup(42);
temporary-table schema, which is searched first by default, and
is normally writable by anyone. A secure arrangement can be had
by forcing the temporary schema to be searched last. To do this,
- write <literal>pg_temp</> as the last entry in <varname>search_path</>.
+ write <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing functions</></> as the last entry in <varname>search_path</>.
This function illustrates safe usage:
</para>
pg_temp-reformat.patchtext/x-patch; charset=us-ascii; name=pg_temp-reformat.patchDownload
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index f041309..d5bd993 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -4797,13 +4797,15 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;
<para>
Likewise, the current session's temporary-table schema,
- <literal>pg_temp_<replaceable>nnn</></>, is always searched if it
- exists. It can be explicitly listed in the path by using the
- alias <literal>pg_temp</><indexterm><primary>pg_temp</></>. If it is not listed in the path then
- it is searched first (even before <literal>pg_catalog</>). However,
- the temporary schema is only searched for relation (table, view,
- sequence, etc) and data type names. It is never searched for
- function or operator names.
+ <literal>pg_temp_<replaceable>nnn</></>, is always searched if
+ it exists. It can be explicitly listed in the path by using
+ the alias
+ <literal>pg_temp</><indexterm><primary>pg_temp</></>. If it
+ is not listed in the path then it is searched first (even
+ before <literal>pg_catalog</>). However, the temporary schema
+ is only searched for relation (table, view, sequence, etc) and
+ data type names. It is never searched for function or
+ operator names.
</para>
<para>
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index fee6f53..8632a76 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -676,15 +676,16 @@ SELECT * FROM dup(42);
<para>
Because a <literal>SECURITY DEFINER</literal> function is executed
with the privileges of the user that created it, care is needed to
- ensure that the function cannot be misused. For security,
- <xref linkend="guc-search-path"> should be set to exclude any schemas
- writable by untrusted users. This prevents
- malicious users from creating objects that mask objects used by the
- function. Particularly important in this regard is the
- temporary-table schema, which is searched first by default, and
- is normally writable by anyone. A secure arrangement can be had
- by forcing the temporary schema to be searched last. To do this,
- write <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing functions</></> as the last entry in <varname>search_path</>.
+ ensure that the function cannot be misused. For security, <xref
+ linkend="guc-search-path"> should be set to exclude any schemas
+ writable by untrusted users. This prevents malicious users from
+ creating objects that mask objects used by the function.
+ Particularly important in this regard is the temporary-table
+ schema, which is searched first by default, and is normally
+ writable by anyone. A secure arrangement can be had by forcing
+ the temporary schema to be searched last. To do this, write
+ <literal>pg_temp</><indexterm><primary>pg_temp</><secondary>securing
+ functions</></> as the last entry in <varname>search_path</>.
This function illustrates safe usage:
</para>
On Fri, 2012-09-28 at 11:10 -0500, Karl O. Pinc wrote:
pg_temp-toindex.patch
Puts pg_temp into the index of the docs.
But there is no object called pg_temp. It always pg_temp_NNNN
something. How should that be indexed?
Peter Eisentraut <peter_e@gmx.net> writes:
On Fri, 2012-09-28 at 11:10 -0500, Karl O. Pinc wrote:
pg_temp-toindex.patch
Puts pg_temp into the index of the docs.
But there is no object called pg_temp. It always pg_temp_NNNN
something. How should that be indexed?
We do <replaceable>NNNN</> in a lot of places, and that seems
serviceable enough, at least in output formats where the NNNN can be
rendered differently from plain text. I don't remember though whether
the sgml index infrastructure allows markup in an index item.
regards, tom lane
On 11/17/2012 12:19:02 AM, Peter Eisentraut wrote:
On Fri, 2012-09-28 at 11:10 -0500, Karl O. Pinc wrote:
pg_temp-toindex.patch
Puts pg_temp into the index of the docs.But there is no object called pg_temp. It always pg_temp_NNNN
something. How should that be indexed?
My thought is not to index the db object; it isn't
particularly interesting to a user. Instead what's
indexed is the token pg_temp, used when
setting search_path. The utility of the token is
explained in several places in the docs.
Regards,
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
On Sat, 2012-11-17 at 11:33 -0600, Karl O. Pinc wrote:
On 11/17/2012 12:19:02 AM, Peter Eisentraut wrote:
On Fri, 2012-09-28 at 11:10 -0500, Karl O. Pinc wrote:
pg_temp-toindex.patch
Puts pg_temp into the index of the docs.But there is no object called pg_temp. It always pg_temp_NNNN
something. How should that be indexed?My thought is not to index the db object; it isn't
particularly interesting to a user. Instead what's
indexed is the token pg_temp, used when
setting search_path. The utility of the token is
explained in several places in the docs.
Actually, since this is the pg_temp alias for the search path, it is
appropriate. So committed as is.
On 11/17/2012 05:10:12 PM, Peter Eisentraut wrote:
On Sat, 2012-11-17 at 11:33 -0600, Karl O. Pinc wrote:
what's
indexed is the token pg_temp, used when
setting search_path.
Actually, since this is the pg_temp alias for the search path, it is
appropriate. So committed as is.
Thanks for the work on this and the other patches you've helped
me out with, and for the larger work on PG of course.
I would feel like I was cluttering the channel if I
sent a thanks each time but I do want to acknowledge
both your help and the work the other Postgres people
do.
Regards,
Karl <kop@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein