Re: [HACKERS] postgres_fdw super user checks

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Ashutosh Bapat <ashutosh(dot)bapat(at)enterprisedb(dot)com>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, Andreas Karlsson <andreas(at)proxel(dot)se>, Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [HACKERS] postgres_fdw super user checks
Date: 2017-12-05 16:41:56
Message-ID: 20171205164156.GE4628@tamriel.snowman.net
Lists: pgsql-hackers

Robert, Ashutosh,

* Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> On Mon, Dec 4, 2017 at 5:57 PM, Ashutosh Bapat
> <ashutosh(dot)bapat(at)enterprisedb(dot)com> wrote:
> > I think the real behaviour can be described as something like this:
> >
> > "Only superusers may connect to foreign servers without password
> > authentication, so always specify the <literal>password</literal>
> > option for user mappings that may be used by non-superusers." But
> > which user mappings may be used by non-superusers can not be defined
> > without explaining views owned by superusers. I don't think we should
> > be talking about views in that part of documentation.
>
> Well, if we don't, then I'm not sure we can really make this clear.

Yeah, I'm pretty sure we need to spell out the situation around views
here because it's different from how views normally work as discussed in
Rules and Privileges.

I'll note that the Rules and Privileges section could use a bit of love
too- the v10 docs have:

"Due to rewriting of queries by the PostgreSQL rule system, other
tables/views than those used in the original query get accessed. When
update rules are used, this can include write access to tables."

Which isn't really accurate since simple updatable views were added.

Looking at it more though, really, I think that whole page needs to be
re-cast to be about *views* and stop talking about rules. That's really
a separate discussion to have though.

> Anyhow, I've committed the patch to master for now; we can keep
> arguing about what, if anything, to do for back-branch documentation.

Thanks!

Stephen
