Supported Versions: Current (11) / 10 / 9.6 / 9.5 / 9.4
Development Versions: 12 / devel
Unsupported versions: 9.3 / 9.2 / 9.1 / 9.0 / 8.4 / 8.3



dblink_connect_u -- opens a persistent connection to a remote database, insecurely


    dblink_connect_u(text connstr) returns text
    dblink_connect_u(text connname, text connstr) returns text


dblink_connect_u() is identical to dblink_connect(), except that it will allow non-superusers to connect using any authentication method.

If the remote server selects an authentication method that does not involve a password, then impersonation and subsequent escalation of privileges can occur, because the session will appear to have originated from the user as which the local PostgreSQL server runs. Therefore, dblink_connect_u() is initially installed with all privileges revoked from PUBLIC, making it un-callable except by superusers. In some situations it may be appropriate to grant EXECUTE permission for dblink_connect_u() to specific users who are considered trustworthy, but this should be done with care.

For further details see dblink_connect().