| From: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> |
|---|---|
| To: | laurenz(dot)albe(at)cybertec(dot)at |
| Cc: | euler(at)eulerto(dot)com, philflorent(at)hotmail(dot)com, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Error from the foreign RDBMS on a foreign table I have no privilege on |
| Date: | 2022-06-08 05:51:39 |
| Message-ID: | 20220608.145139.1541921488915872838.horikyota.ntt@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
At Wed, 08 Jun 2022 07:05:09 +0200, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> wrote in
> I take Tom's comment above as saying that the current behavior is fine.
> So yes, perhaps some documentation would be in order:
>
> diff --git a/doc/src/sgml/postgres-fdw.sgml b/doc/src/sgml/postgres-fdw.sgml
> index b43d0aecba..b4b7e36d28 100644
> --- a/doc/src/sgml/postgres-fdw.sgml
> +++ b/doc/src/sgml/postgres-fdw.sgml
> @@ -274,6 +274,14 @@ OPTIONS (ADD password_required 'false');
> but only for that table.
> The default is <literal>false</literal>.
> </para>
> +
> + <para>
> + Note that <command>EXPLAIN</command> will be run on the remote server
> + at query planning time, <emphasis>before</emphasis> permissions on the
> + foreign table are checked. This is not a security problem, since the
> + subsequent error from the permission check will prevent the user from
> + seeing any of the resulting data.
> + </para>
> </listitem>
> </varlistentry>
Looks fine. I'd like to add something like "If needed, depriving
unprivileged users of relevant user mappings will prevent such remote
executions that happen at planning-time."
regards.
--
Kyotaro Horiguchi
NTT Open Source Software Center
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2022-06-08 06:27:06 | Re: [RFC] building postgres with meson -v8 |
| Previous Message | Peter Smith | 2022-06-08 05:35:05 | Re: bogus: logical replication rows/cols combinations |