Postgres Pro
Downloads
Home   >   mailing lists

Re: Error from the foreign RDBMS on a foreign table I have no privilege on - Mailing list pgsql-hackers

From Kyotaro Horiguchi
Subject Re: Error from the foreign RDBMS on a foreign table I have no privilege on
Date
Msg-id 20220608.130625.665509518109995128.horikyota.ntt@gmail.com
Whole thread Raw
In response to Re: Error from the foreign RDBMS on a foreign table I have no privilege on  (Kyotaro Horiguchi <horikyota.ntt@gmail.com>)
Responses Re: Error from the foreign RDBMS on a foreign table I have no privilege on  (Laurenz Albe <laurenz.albe@cybertec.at>)
List pgsql-hackers
Tree view 
At Wed, 08 Jun 2022 12:09:27 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in 
> At Wed, 08 Jun 2022 04:38:02 +0200, Laurenz Albe <laurenz.albe@cybertec.at> wrote in 
> > If anything, it should be done in the FDW, because it is only necessary if the
> > FDW calls the remote site during planning.
> > 
> > The question is: is this a bug in postgres_fdw that should be fixed?
> 
> It's depends on what we think about allowing remote access trials
> through unprivileged foreign table in any style.  It won't be a
> problem if the system is configured appropriately but too-frequent
> estimate accesses via unprivileged foreign tables might be regarded as
> an attack attempt.

In other words, I don't think it's not a bug and no need to fix.  If
one want to prevent such estimate accesses via unprivileged foreign
tables, it is enough to prevent non-privileged users from having a
user mapping.  This might be worth documenting?

regards.

-- 
Kyotaro Horiguchi
NTT Open Source Software Center

pgsql-hackers by date:

Previous
From: Justin Pryzby
Date:
Subject: Re: bogus: logical replication rows/cols combinations
Next
From: Kyotaro Horiguchi
Date:
Subject: Re: Error from the foreign RDBMS on a foreign table I have no privilege on