From: Noah Misch <noah@leadboat.com>
Date: Mon, 17 Feb 2014 14:33:31 +0000 (-0500)
Subject: Document security implications of check_function_bodies.
X-Git-Tag: REL8_4_20~7
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=09e2d4c145a6d796271cb8731c6201d76d0a0e9c;p=postgresql

Document security implications of check_function_bodies.

Back-patch to 8.4 (all supported versions).
---

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index 4791eb1240..f5f340c1f2 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -3967,9 +3967,11 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;
         This parameter is normally on. When set to <literal>off</>, it
         disables validation of the function body string during <xref
         linkend="sql-createfunction"
-        endterm="sql-createfunction-title">. Disabling validation is
-        occasionally useful to avoid problems such as forward references
-        when restoring function definitions from a dump.
+        endterm="sql-createfunction-title">.  Disabling validation avoids side
+        effects of the validation process and avoids false positives due
+        to problems such as forward references.  Set this parameter
+        to <literal>off</> before loading functions on behalf of other
+        users; <application>pg_dump</> does so automatically.
        </para>
       </listitem>
      </varlistentry>