Thread: pgsql: Restrict non-superusers to password authenticated connections to

pgsql: Restrict non-superusers to password authenticated connections to

From
joe@postgresql.org (Joe Conway)
Date:
Log Message:
-----------
Restrict non-superusers to password authenticated connections
to prevent possible escalation of privilege. Provide new SECURITY
DEFINER functions with old behavior, but initially REVOKE ALL
from public for these functions. Per list discussion and design
proposed by Tom Lane.

Tags:
----
REL7_4_STABLE

Modified Files:
--------------
    pgsql/contrib/dblink:
        dblink.c (r1.25.4.4 -> r1.25.4.5)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4&r2=1.25.4.5)
        dblink.sql.in (r1.8 -> r1.8.4.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8&r2=1.8.4.1)
    pgsql/contrib/dblink/doc:
        connection (r1.2 -> r1.2.4.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/doc/connection.diff?r1=1.2&r2=1.2.4.1)