Re: [patch] fix dblink security hole

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Marko Kreen" <markokr(at)gmail(dot)com>
Cc: "Joe Conway" <mail(at)joeconway(dot)com>, "Postgres Hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [patch] fix dblink security hole
Date: 2008-09-21 20:49:28
Message-ID: 10550.1222030168@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

"Marko Kreen" <markokr(at)gmail(dot)com> writes:
> On 9/21/08, Joe Conway <mail(at)joeconway(dot)com> wrote:
>> Why? pg_service does not appear to support wildcards, so what is the attack
>> vector?

> "service=foo host=custom"

The proposal to require a password = foo entry in the conn string seems
to resolve all of these, without taking away useful capability. I don't
think that forbidding use of services altogether is a good thing.

So that seems to tilt the decision towards exposing the conninfo_parse
function. Joe, do you want to have a go at it, or shall I?

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Joe Conway 2008-09-21 21:05:26 Re: [patch] fix dblink security hole
Previous Message Tom Lane 2008-09-21 20:43:28 Re: Proposal: move column defaults into pg_attribute along with attacl