Home > mailing lists

pgsql: The original patch to disallow non-passworded connections to - Mailing list pgsql-committers

From	tgl@postgresql.org (Tom Lane)
Subject	pgsql: The original patch to disallow non-passworded connections to
Date	January 7, 2008 18:29:48
Msg-id	20080103212830.84847754108@cvs.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Log Message:
-----------
The original patch to disallow non-passworded connections to non-superusers
failed to cover all the ways in which a connection can be initiated in dblink.
Plug the remaining holes.  Also, disallow transient connections in functions
for which that feature makes no sense (because they are only sensible as
part of a sequence of operations on the same connection).  Joe Conway

Security: CVE-2007-6601

Tags:
----
REL8_1_STABLE

Modified Files:
--------------
    pgsql/contrib/dblink:
        dblink.c (r1.48.2.4 -> r1.48.2.5)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c?r1=1.48.2.4&r2=1.48.2.5)

pgsql-committers by date:

From: tgl@postgresql.org (Tom Lane)
Date: 07 January 2008, 18:28:57
Subject: pgsql: The original patch to disallow non-passworded connections to

From: tgl@postgresql.org (Tom Lane)
Date: 07 January 2008, 18:30:22
Subject: pgsql: The original patch to disallow non-passworded connections to

pgsql: The original patch to disallow non-passworded connections to - Mailing list pgsql-committers

Previous

Next