Gregory Stark <[EMAIL PROTECTED]> writes:
> My objection is that I think we should still revoke access for non-superuser
> by default. The patch makes granting execute reasonable for most users but
> nonetheless it shouldn't be the default.

> Being able to connect to a postgres server shouldn't mean being able to open
> tcp connections *from* that server to arbitrary other host/ports.

You forget that dblink isn't even installed by default.  I could see
having some more verbiage in the documentation explaining these possible
security risks, but making it unusable is an overreaction.

                        regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to