Home > mailing lists

Re: Is postgres_fdw "safe"? - Mailing list pgsql-general

From	Tom Lane
Subject	Re: Is postgres_fdw "safe"?
Date	October 20, 2023 19:37:29
Msg-id	3891974.1697819849@sss.pgh.pa.us Whole thread Raw
In response to	Is postgres_fdw "safe"? (Marcin Borkowski <mbork@mbork.pl>)
List	pgsql-general

Tree view

Marcin Borkowski <mbork@mbork.pl> writes:
> I noticed that the docs for postgres_fdw lack the clause about it being
> "trusted".  Does that mean that `create extension postgres_fdw` poses
> any known security risks?  If so, what should I do to minimize them?

It's a definitional question I guess.  We don't mark anything trusted
if it can be used to cause outside-the-database effects; and in this
case the ability to connect to other databases qualifies as that.

            regards, tom lane

pgsql-general by date:

From: Ron
Date: 20 October 2023, 19:33:46
Subject: Re: Is postgres_fdw "safe"?

From: Justin Clift
Date: 21 October 2023, 12:49:48
Subject: Re: Driver Postgresql HP-Unix

Re: Is postgres_fdw "safe"? - Mailing list pgsql-general

Previous

Next