Re: GRANT USAGE on FOREIGN SERVER exposes passwords

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Noah Yetter <nyetter(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: GRANT USAGE on FOREIGN SERVER exposes passwords
Date: 2015-02-05 16:20:48
Message-ID: CA+TgmoaNZPi++rcvNGt_qpo68thf0yNPXA+tZWJBtyWmkFD23g@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Thu, Feb 5, 2015 at 10:48 AM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>> If she's got dblink access, she can run arbitrary
>> SQL queries on the remote server anyway, which is all the password
>> would let her do. Also, she could use dblink to run ALTER ROLE foo
>> PASSWORD '...' on the remote server, and then she'll *definitely* know
>> the password.
>
> And I thought this was about FDW options and not about dblink, really..

The OP is pretty clearly asking about dblink.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Stephen Frost 2015-02-05 16:23:46 Re: GRANT USAGE on FOREIGN SERVER exposes passwords
Previous Message Rémi Cura 2015-02-05 16:07:27 Re: How do I bump a row to the front of sort efficiently