Re: Is postgres_fdw "safe"?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Marcin Borkowski <mbork(at)mbork(dot)pl>
Cc: pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Is postgres_fdw "safe"?
Date: 2023-10-20 16:37:29
Message-ID: 3891974.1697819849@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Marcin Borkowski <mbork(at)mbork(dot)pl> writes:
> I noticed that the docs for postgres_fdw lack the clause about it being
> "trusted". Does that mean that `create extension postgres_fdw` poses
> any known security risks? If so, what should I do to minimize them?

It's a definitional question I guess. We don't mark anything trusted
if it can be used to cause outside-the-database effects; and in this
case the ability to connect to other databases qualifies as that.

regards, tom lane

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Justin Clift 2023-10-21 09:49:48 Re: Driver Postgresql HP-Unix
Previous Message Ron 2023-10-20 16:33:46 Re: Is postgres_fdw "safe"?