Andrew Sullivan <[EMAIL PROTECTED]> writes:
> On Mon, Jul 21, 2008 at 09:32:57PM -0400, Tom Lane wrote:
>> "Marko Kreen" <[EMAIL PROTECTED]> writes:
>>> 2. If cluster connection strings do not have 'user=' key,
>>> ' user=' || current_username() is appended to it.
>>
>> Cool, I missed that. At minimum the documentation has to explain this
>> point and emphasize the security implications. Is it a good idea
>> to allow user= in the cluster strings at all?
> I wondered about this myself. Is there anything at all preventing me
> from doing 'user=' for some other user? If not. . .

I think the assumption is that the cluster connection info would be set
up by a superuser. However, if there's any way for a non-superuser to
subvert the info returned by the plproxy configuration functions, you
got trouble. So a lot would depend on how carefully those are coded.

regards, tom lane
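
An added example, not part of the thread and not PL/Proxy's own code: a small audit helper that applies the rule quoted above (no `user` key means the calling user's name is used) to cluster connection strings and flags any that pin a fixed remote user. The names `parse_conninfo` and `audit` and the sample strings are assumptions made for illustration; the parser follows libpq's keyword=value syntax so that a `user=` inside a quoted value is not mistaken for the key.

```python
def parse_conninfo(s):
    """Parse a libpq keyword=value string (quotes, backslash escapes)."""
    out, i, n = {}, 0, len(s)
    while True:
        while i < n and s[i].isspace():
            i += 1
        if i >= n:
            return out
        j = i
        while j < n and s[j] != "=" and not s[j].isspace():
            j += 1
        key = s[i:j]
        while j < n and s[j].isspace():
            j += 1
        if not key or j >= n or s[j] != "=":
            raise ValueError(f"malformed keyword near offset {i}")
        j += 1
        while j < n and s[j].isspace():
            j += 1
        quoted = j < n and s[j] == "'"
        j += quoted
        val = []
        while j < n and (s[j] != "'" if quoted else not s[j].isspace()):
            if s[j] == "\\" and j + 1 < n:
                j += 1  # backslash escapes the next character
            val.append(s[j])
            j += 1
        if quoted and j >= n:
            raise ValueError("unterminated quoted value")
        out[key] = "".join(val)
        i = j + quoted  # step past the closing quote, if any


def audit(conninfo, session_user):
    """Return (effective_user, finding) under the rule quoted in the thread."""
    explicit = parse_conninfo(conninfo).get("user")
    if explicit is None:
        return session_user, "ok: remote login follows the calling user"
    if explicit == session_user:
        return explicit, "ok: explicit user equals the caller"
    return explicit, "review: every caller connects as a fixed remote user"

# Constructed sample cluster strings, not taken from any real configuration.
SAMPLES = [
    "dbname=part0 host=10.0.0.1",
    "dbname=part1 user=plproxy",
    "dbname=part2 application_name='x user=admin'",
]
```

Running `audit` over the output of the cluster configuration functions for each calling role shows which partitions are reached under a shared identity rather than the caller's own.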