diff options
| -rw-r--r-- | doc/src/sgml/ref/create_function.sgml | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml index 35869bf6ba6..7e6d52c7dcf 100644 --- a/doc/src/sgml/ref/create_function.sgml +++ b/doc/src/sgml/ref/create_function.sgml @@ -779,10 +779,7 @@ SELECT * FROM dup(42); <para> Because a <literal>SECURITY DEFINER</literal> function is executed with the privileges of the user that owns it, care is needed to - ensure that the function cannot be misused. This is particularly - important for non-<replaceable>sql_body</replaceable> functions because - their function bodies are evaluated at run-time, not creation time. - For security, + ensure that the function cannot be misused. For security, <xref linkend="guc-search-path"/> should be set to exclude any schemas writable by untrusted users. This prevents malicious users from creating objects (e.g., tables, functions, and |