Home > mailing lists

pgsql: Restrict non-superusers to password authenticated connections to - Mailing list pgsql-committers

From	joe@postgresql.org (Joe Conway)
Subject	pgsql: Restrict non-superusers to password authenticated connections to
Date	July 9, 2007 01:32:34
Msg-id	20070709013231.2C1A19FB591@postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Log Message:
-----------
Restrict non-superusers to password authenticated connections
to prevent possible escalation of privilege. Provide new SECURITY
DEFINER functions with old behavior, but initially REVOKE ALL
from public for these functions. Per list discussion and design
proposed by Tom Lane.

Tags:
----
REL8_2_STABLE

Modified Files:
--------------
    pgsql/contrib/dblink:
        dblink.c (r1.60 -> r1.60.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.60&r2=1.60.2.1)
        dblink.sql.in (r1.11 -> r1.11.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.11&r2=1.11.2.1)
    pgsql/contrib/dblink/doc:
        connection (r1.4 -> r1.4.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/doc/connection.diff?r1=1.4&r2=1.4.2.1)

pgsql-committers by date:

From: tgl@postgresql.org (Tom Lane)
Date: 09 July 2007, 01:15:20
Subject: pgsql: Fix single-user mode so that interrupts (particularly SIGTERM and

From: joe@postgresql.org (Joe Conway)
Date: 09 July 2007, 01:32:49
Subject: pgsql: Restrict non-superusers to password authenticated connections to

pgsql: Restrict non-superusers to password authenticated connections to - Mailing list pgsql-committers

Previous

Next