Craig Ringer wrote:
> Currently postgres_fdw cannot be used with 'cert' authentication, i.e.
> client-certificate validation and cert cn => postgres username mapping.
> You also can't use things like Kerberos, SSPI, etc with a
> superuser-created FDW and username map.
>
> To permit this, I'd like to allow postgres_fdw user mappings to be created
> with a new 'permit_passwordless' option. Only the superuser is allowed to
> create such a mapping. If it's set to true, we bypass the
> check_conn_params(...) connection-string password check and the
> connect_pg_server(...) check for the conn using a password when a
> non-superuser establishes a connection.
>
> This doesn't re-open CVE-2007-6601 because the superuser has to explicitly
> grant the access.

I have wished for a feature like that before, so +1 on the idea.

ALTER USER MAPPING has to be restricted to superusers as well.

Yours,
Laurenz Albe
