| From: | Christoph Berg <myon(at)debian(dot)org> |
|---|---|
| To: | Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings |
| Date: | 2020-01-09 10:45:11 |
| Message-ID: | 20200109104511.GB4192@msg.df7cb.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Re: To Andrew Dunstan 2020-01-09 <20200109103014(dot)GA4192(at)msg(dot)df7cb(dot)de>
> sslcert/sslkey options can only be set/modified by superusers when
> "password_required" is set. But when password_required is not set, any
> user and create user mappings that reference arbitrary files on the
> server filesystem.
(A nice addition here which would avoid the problems would be the
possibility to pass in the certificates as strings, but that needs
support in libpq.)
Christoph
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2020-01-09 10:51:38 | Re: logical decoding : exceeded maxAllocatedDescs for .spill files |
| Previous Message | Amit Kapila | 2020-01-09 10:33:30 | Re: [HACKERS] Block level parallel vacuum |