Craig Ringer wrote:
> Currently postgres_fdw cannot be used with 'cert' authentication, i.e. client-certificate validation
> and cert cn => postgres username mapping. You also can't use things like Kerberos, SSPI, etc with
> a superuser-created FDW and username map.
>
> To permit this, I'd like to allow postgres_fdw user mappings to be created with a new
> 'permit_passwordless' option. Only the superuser is allowed to create such a mapping.
> If it's set to true, we bypass the check_conn_params(...) connection-string password check
> and the connect_pg_server(...) check for the conn using a password when a non-superuser
> establishes a connection.
>
> This doesn't re-open CVE-2007-6601 because the superuser has to explicitly grant the access.
I have wished for a feature like that before, so +1 on the idea.
ALTER USER MAPPING has to be restricted to superusers as well.
Yours,
Laurenz Albe
