| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Joe Conway <mail(at)joeconway(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Gregory Stark <stark(at)enterprisedb(dot)com>, pgsql-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: dblink connection security |
| Date: | 2007-07-01 20:32:28 |
| Message-ID: | 16744.1183321948@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> Hmm. It would be better if it never actually completed an authentication
> in the first place, but I don't see how we can do that given how the
> protocol works.
> We could add a connection string parameter that disables it, but that
> doesn't really help since the backend moves into authenticated mode
> before you can abort anyway.
Yeah. Since this is really a question of client-side code protecting
itself from misuse of its credentials, I don't think it's a very severe
problem --- it can certainly make the check before allowing any use of
the new PGconn object.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Treat | 2007-07-01 20:45:01 | Re: dblink connection security |
| Previous Message | Tom Lane | 2007-07-01 20:29:26 | Re: dblink connection security |