Re: dblink vs SQL/MED - security and implementation details - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: dblink vs SQL/MED - security and implementation details
Date
Msg-id 200901062025.14991.peter_e@gmx.net
Whole thread Raw
In response to Re: dblink vs SQL/MED - security and implementation details  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: dblink vs SQL/MED - security and implementation details
List pgsql-hackers
On Tuesday 06 January 2009 19:50:51 Tom Lane wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > I think you want some permission checking on fdtest then, right?
>
> What about the permissions on the system catalogs themselves?
> AFAICT, the pg_user_mappings view will expose user passwords to
> the "owner" of the foreign server, which doesn't seem good.

Well, no one is forcing you to put a password there.  dblink has had its 
mechanisms for obtaining passwords until now, and those are not invalidated 
by this.  There are as always limited use cases for hardcoding passwords, but 
in a fully multiuser environment you probably want to use a different 
authentication mechanism.  Eventually, when we allow these modules to 
actually call out, we will have to seriously evaluate that.  But for right 
now, if you don't want your password in there, don't put it there.


pgsql-hackers by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: Significantly larger toast tables on 8.4?
Next
From: Tom Lane
Date:
Subject: Re: dblink vs SQL/MED - security and implementation details