Quick Links

Feature request dblink: Security issue - dblink user+password parameters must be optional

From:	Hermann Muster <Hermann(dot)Muster(at)gmx(dot)de>
To:	pgsql-general(at)postgresql(dot)org
Subject:	Feature request dblink: Security issue - dblink user+password parameters must be optional
Date:	2009-01-28 07:52:43
Message-ID:	glp2sa$7hj$1@news.hub.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

When creating a view via DBLINK, the user=... and password=...
parameters shall be optional. If they are left out, then the current
user accessing the view shall be impersonated implicitely to the
"dblinked" database as well. Forcing anybody to hardcode a password
readable within the view definition should be an absolute DON'T!

Haven't found a better place to post this request. Hope the author of
dblink is reading it here, too. :-)

Responses

Re: Feature request dblink: Security issue - dblink user+password parameters must be optional at 2009-01-28 09:07:14 from Marko Kreen

Browse pgsql-general by date

	From	Date	Subject
Next Message	Sim Zacks	2009-01-28 07:53:00	Re: Rollback of Query Cancellation
Previous Message	fatih arıkan	2009-01-28 07:50:37	About PostgreSQL Installer