Quick Links

Re: [patch] fix dblink security hole

From:	"Marko Kreen" <markokr(at)gmail(dot)com>
To:	"Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	"Joe Conway" <mail(at)joeconway(dot)com>, "Postgres Hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: [patch] fix dblink security hole
Date:	2008-09-21 09:09:10
Message-ID:	e51f66da0809210209n12c8682fo6550f145b734bb2c@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On 9/21/08, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Joe Conway <mail(at)joeconway(dot)com> writes:
> > Good point -- I'll look into that and post something tomorrow. How does
> > "requirepassword" sound for the option? It is consistent with
> > "requiressl" but a bit long and hard to read. Maybe "require_password"?
>
>
> Well, no, because it's not requiring a password.
>
> Perhaps "ignore_pgpass"?

You need to ignore pg_service also. (And PGPASSWORD)

--
marko

In response to

Re: [patch] fix dblink security hole at 2008-09-21 02:09:10 from Tom Lane

Responses

Re: [patch] fix dblink security hole at 2008-09-21 17:58:29 from Joe Conway

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Simon Riggs	2008-09-21 09:18:08	Re: Foreign key constraint for array-field?
Previous Message	Joshua D. Drake	2008-09-21 04:46:27	Re: Foreign key constraint for array-field?