Home > mailing lists

Re: [patch] fix dblink security hole - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [patch] fix dblink security hole
Date	September 21, 2008 23:19:18
Msg-id	10550.1222030168@sss.pgh.pa.us Whole thread Raw
In response to	Re: [patch] fix dblink security hole ("Marko Kreen" <markokr@gmail.com>)
Responses	Re: [patch] fix dblink security hole (Joe Conway <mail@joeconway.com>)
List	pgsql-hackers

Tree view

"Marko Kreen" <markokr@gmail.com> writes:
> On 9/21/08, Joe Conway <mail@joeconway.com> wrote:
>> Why? pg_service does not appear to support wildcards, so what is the attack
>> vector?

> "service=foo host=custom"

The proposal to require a password = foo entry in the conn string seems
to resolve all of these, without taking away useful capability.  I don't
think that forbidding use of services altogether is a good thing.

So that seems to tilt the decision towards exposing the conninfo_parse
function.  Joe, do you want to have a go at it, or shall I?
        regards, tom lane

pgsql-hackers by date:

From: Andrew Dunstan
Date: 21 September 2008, 23:15:35
Subject: Re: parallel pg_restore

From: Tom Lane
Date: 21 September 2008, 23:29:15
Subject: Re: parallel pg_restore

Re: [patch] fix dblink security hole - Mailing list pgsql-hackers

Previous

Next