Re: pgsql: Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings

From: Christoph Berg <myon(at)debian(dot)org>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pgsql: Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings
Date: 2020-01-09 14:38:45
Message-ID: 20200109143845.GE4192@msg.df7cb.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers pgsql-hackers

Re: Robert Haas 2020-01-09 <CA+TgmoZEjyv_PD=2cinkbDA_chyLNAcBPL_9bKJQ6bc=nw+FHA(at)mail(dot)gmail(dot)com>
> Does this mean that a non-superuser can induce postgres_fdw to read an
> arbitrary file from the local filesystem?

Yes, see my comments in the "Allow 'sslkey' and 'sslcert' in
postgres_fdw user mappings" thread.

Christoph

In response to

Responses

Browse pgsql-committers by date

  From Date Subject
Next Message Robert Haas 2020-01-09 14:45:20 Re: pgsql: Add basic TAP tests for psql's tab-completion logic.
Previous Message Robert Haas 2020-01-09 14:18:45 Re: pgsql: Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2020-01-09 14:43:04 Re: [PATCH] Resolve Parallel Hash Join Performance Issue
Previous Message Dagfinn Ilmari Mannsåker 2020-01-09 14:35:19 Re: Fixing parallel make of libpq