pgsql: Restrict non-superusers to password authenticated connections to - Mailing list pgsql-committers

From joe@postgresql.org (Joe Conway)
Subject pgsql: Restrict non-superusers to password authenticated connections to
Date
Msg-id 20070709013231.2C1A19FB591@postgresql.org
Whole thread Raw
List pgsql-committers
Log Message:
-----------
Restrict non-superusers to password authenticated connections
to prevent possible escalation of privilege. Provide new SECURITY
DEFINER functions with old behavior, but initially REVOKE ALL
from public for these functions. Per list discussion and design
proposed by Tom Lane.

Tags:
----
REL8_2_STABLE

Modified Files:
--------------
    pgsql/contrib/dblink:
        dblink.c (r1.60 -> r1.60.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.60&r2=1.60.2.1)
        dblink.sql.in (r1.11 -> r1.11.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.11&r2=1.11.2.1)
    pgsql/contrib/dblink/doc:
        connection (r1.4 -> r1.4.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/doc/connection.diff?r1=1.4&r2=1.4.2.1)

pgsql-committers by date:

Previous
From: tgl@postgresql.org (Tom Lane)
Date:
Subject: pgsql: Fix single-user mode so that interrupts (particularly SIGTERM and
Next
From: joe@postgresql.org (Joe Conway)
Date:
Subject: pgsql: Restrict non-superusers to password authenticated connections to