+++ This bug was initially created as a clone of Bug #237680 +++ Quoting the PostgreSQL release notes: http://www.postgresql.org/docs/8.2/static/release-8-2-4.html Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See CREATE FUNCTION for more information.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0337.html