Home > mailing lists

Re: GRANT USAGE on FOREIGN SERVER exposes passwords - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: GRANT USAGE on FOREIGN SERVER exposes passwords
Date	February 5, 2015 19:23:52
Msg-id	20150205162346.GY3854@tamriel.snowman.net Whole thread Raw
In response to	Re: GRANT USAGE on FOREIGN SERVER exposes passwords (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: GRANT USAGE on FOREIGN SERVER exposes passwords (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

* Robert Haas (robertmhaas@gmail.com) wrote:
> On Thu, Feb 5, 2015 at 10:48 AM, Stephen Frost <sfrost@snowman.net> wrote:
> >> If she's got dblink access, she can run arbitrary
> >> SQL queries on the remote server anyway, which is all the password
> >> would let her do.  Also, she could use dblink to run ALTER ROLE foo
> >> PASSWORD '...' on the remote server, and then she'll *definitely* know
> >> the password.
> >
> > And I thought this was about FDW options and not about dblink, really..
>
> The OP is pretty clearly asking about dblink.

I was just pointing out that it was an issue that all FDWs suffer from,
since we don't have any way for an FDW to say "don't show this option",
as discussed.
Thanks,
    Stephen

pgsql-hackers by date:

From: Robert Haas
Date: 05 February 2015, 19:21:02
Subject: Re: GRANT USAGE on FOREIGN SERVER exposes passwords

From: Tom Lane
Date: 05 February 2015, 19:49:03
Subject: Re: GRANT USAGE on FOREIGN SERVER exposes passwords

Re: GRANT USAGE on FOREIGN SERVER exposes passwords - Mailing list pgsql-hackers

Previous

Next