pgsql: The original patch to disallow non-passworded connections to

From: tgl(at)postgresql(dot)org (Tom Lane)
To: pgsql-committers(at)postgresql(dot)org
Subject: pgsql: The original patch to disallow non-passworded connections to
Date: 2008-01-03 21:27:59
Message-ID: 20080103212759.DD297754108@cvs.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Log Message:
-----------
The original patch to disallow non-passworded connections to non-superusers
failed to cover all the ways in which a connection can be initiated in dblink.
Plug the remaining holes. Also, disallow transient connections in functions
for which that feature makes no sense (because they are only sensible as
part of a sequence of operations on the same connection). Joe Conway

Security: CVE-2007-6601

Modified Files:
--------------
pgsql/contrib/dblink:
dblink.c (r1.67 -> r1.68)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c?r1=1.67&r2=1.68)
pgsql/contrib/dblink/expected:
dblink.out (r1.20 -> r1.21)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/expected/dblink.out?r1=1.20&r2=1.21)
pgsql/contrib/dblink/sql:
dblink.sql (r1.17 -> r1.18)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/sql/dblink.sql?r1=1.17&r2=1.18)

Browse pgsql-committers by date

  From Date Subject
Next Message Tom Lane 2008-01-03 21:28:18 pgsql: The original patch to disallow non-passworded connections to
Previous Message Tom Lane 2008-01-03 21:25:58 pgsql: Make standard maintenance operations (including VACUUM, ANALYZE,