Re: Bugtraq: Having Fun With PostgreSQL

Gregory Stark <stark@enterprisedb.com> writes:
> All that really has to happen is that dblink should by default not be
> callable by any user other than Postgres.

Yeah, that is not an unreasonable change.  Someone suggested it far
upthread, but we seem to have gotten distracted :-(

> The only problem with this is that dblink provides 36 different functions

I think just having the install script revoke public execute access
on the connection-establishing functions would be sufficient.  There
are only two of 'em.
        regards, tom lane