From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Questions and experiences writing a Foreign Data Wrapper |
Date: | 2011-07-22 16:32:04 |
Message-ID: | 11805.1311352324@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Jul 22, 2011 at 12:13 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Well, if you read it that way, then CREATE USER MAPPING with an empty
>> option set is a no-op: the behavior of the FDW would be the same whether
>> you'd executed it or not. Which doesn't seem to me to satisfy the
>> principle of least surprise, nor the letter of the spec.
> I think what they're saying is that they expect the credentials to be
> stored in the user mapping. But that seems like a fairly silly
> requirement, since it's not difficult to imagine wanting all of your
> local users to connect to the remote side with the same set of
> credentials ...
But if you want that, you'd do CREATE USER MAPPING FOR PUBLIC. What
disturbs me about this approach is that it'd have the effect of a public
mapping with no options existing by default, and being in fact
impossible to remove. Now, depending on what the FDW chooses to require
in the way of options, that might not be insecure; but it sure seems
like a foot-gun waiting to fire on somebody.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2011-07-22 16:44:33 | Re: psql: bogus descriptions displayed by \d+ |
Previous Message | Robert Haas | 2011-07-22 16:18:02 | Re: Questions and experiences writing a Foreign Data Wrapper |