Quick Links

Re: [Review] fix dblink security hole

From:	"Ibrar Ahmed" <ibrar(dot)ahmad(at)gmail(dot)com>
To:	"Marko Kreen" <markokr(at)gmail(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: [Review] fix dblink security hole
Date:	2008-09-16 12:27:43
Message-ID:	8494ccf60809160527v153eac19rc6d9ca1fef6623f@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

>
>
> > I have attached a patch just for the quick thought. Otherwise there is no
> > issue with patch.
>
> This is no good - the security_check() needs established connection
> to work on.
>

I know it but after putting the superuser check just above the
security_check function make this function almost useless and now it doesn't
need PGconn parameter.

BTW it was just my suggestion otherwise patch looks ok to me

--
Ibrar Ahmed

In response to

Re: [Review] fix dblink security hole at 2008-09-16 10:26:17 from Marko Kreen

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Heikki Linnakangas	2008-09-16 13:30:15	Re: WIP patch: Collation support
Previous Message	Tom Lane	2008-09-16 12:08:01	Re: Coping with nLocks overflow