Обсуждение: DBLink's default user: postgres

Is this the regular behavior on DBLink?<br /><br />rot=> SELECT user, current_database();<br /> current_user |
current_database<br/>--------------+------------------<br /> sa_rot       | rot<br />(1 registro)<br /><br />rot=>
SELECT* <br />rot-> FROM dblink('dbname=escola',<br />rot(> 'SELECT user, current_database()')<br />rot-> AS
(usrname, db name);<br />   usr    |   db<br />----------+--------<br /> postgres | escola<br />(1 registro) <br /><br
/>Thisway, I fear DBLink functions should become a vulnerability issue on my database.<br />Is there any way to protect
oroverride this setting? Or it should be done on pg_hba.conf only?<br clear="all" /><br />-- <br />Regards, <br /><br
/>RodrigoHjort<br /><a href="http://icewall.org/~hjort">http://icewall.org/~hjort</a><br /><br /> 

Rodrigo Hjort wrote:
> Is this the regular behavior on DBLink?
>
> rot=> SELECT user, current_database();
>  current_user | current_database
> --------------+------------------
>  sa_rot       | rot
> (1 registro)
>
> rot=> SELECT *
> rot-> FROM dblink('dbname=escola',
> rot(> 'SELECT user, current_database()')
> rot-> AS (usr name, db name);
>    usr    |   db
> ----------+--------
>  postgres | escola
> (1 registro)
>
> This way, I fear DBLink functions should become a vulnerability issue 
> on my database.
> Is there any way to protect or override this setting? Or it should be 
> done on pg_hba.conf only?

This issue has been thoroughly discussed before. You can read more about 
it in f.ex these threads:
http://archives.postgresql.org/pgsql-hackers/2007-06/msg00678.php

http://archives.postgresql.org/pgsql-patches/2007-07/msg00000.php

-- 
Tommy Gildseth