Thread: BUG #5457: dblink_connect now restricts non-superusers to password

The following bug has been logged online:

Bug reference:      5457
Logged by:          Chana Slutzkin
Email address:      chana@cs.huji.ac.il
PostgreSQL version: 8.4
Operating system:   FreeBSD 7.2
Description:        dblink_connect now restricts non-superusers to password
Details:

dblink in version 8.4 forces a non-superuser to connect using a password.
I would prefer to use ident.

On 2010-05-11, Chana Slutzkin <chana@cs.huji.ac.il> wrote:
>
> The following bug has been logged online:
>
> Bug reference:      5457
> Logged by:          Chana Slutzkin
> Email address:      chana@cs.huji.ac.il
> PostgreSQL version: 8.4
> Operating system:   FreeBSD 7.2
> Description:        dblink_connect now restricts non-superusers to password
> Details:
>
> dblink in version 8.4 forces a non-superuser to connect using a password.
> I would prefer to use ident.

dblink runs on the back-end under the postgres user account.
identd (or postgres, or anoyone else who looks) is going to see
the user as postgres.

Chana Slutzkin wrote:
>
> The following bug has been logged online:
>
> Bug reference:      5457
> Logged by:          Chana Slutzkin
> Email address:      chana@cs.huji.ac.il
> PostgreSQL version: 8.4
> Operating system:   FreeBSD 7.2
> Description:        dblink_connect now restricts non-superusers to password
> Details:
>
> dblink in version 8.4 forces a non-superuser to connect using a password.
> I would prefer to use ident.

I don't think ident is a good idea because the connection is coming from
the database server, not the client.  The database server is always
going to be user 'postgres'.  However, I assume pg_hba.conf could allow
you do make this work somehow, but with little security.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com