Re: [HACKERS] postgres_fdw super user checks

2017-10-12 Thread Stephen Frost
Robert, all, * Robert Haas (robertmh...@gmail.com) wrote: > On Thu, Oct 5, 2017 at 1:02 PM, Jeff Janes wrote: > > I don't see a reason to block a directly-logged-in superuser from using a > > mapping. I asked in the closed list whether the current (released) > > behavior

Re: [HACKERS] postgres_fdw super user checks

2017-10-12 Thread Robert Haas
On Thu, Oct 5, 2017 at 1:02 PM, Jeff Janes wrote: > I don't see a reason to block a directly-logged-in superuser from using a > mapping. I asked in the closed list whether the current (released) > behavior was a security bug, and the answer was no. And I don't know why >

Re: [HACKERS] postgres_fdw super user checks

2017-10-05 Thread Simon Riggs
On 4 October 2017 at 18:13, Jeff Janes wrote: > On Thu, Sep 14, 2017 at 1:08 PM, Robert Haas wrote: >> >> On Thu, Sep 14, 2017 at 2:33 PM, Jeff Janes wrote: >> > I think that foreign tables ought to behave as views do, where

Re: [HACKERS] postgres_fdw super user checks

2017-10-05 Thread Nico Williams
On Thu, Sep 14, 2017 at 04:08:08PM -0400, Robert Haas wrote: > On Thu, Sep 14, 2017 at 2:33 PM, Jeff Janes wrote: > > I think that foreign tables ought to behave as views do, where they run as > > the owner rather than the invoker. No one has talked me out of it, but no > >

Re: [HACKERS] postgres_fdw super user checks

2017-10-05 Thread Jeff Janes
On Thu, Oct 5, 2017 at 6:44 AM, Robert Haas wrote: > On Wed, Oct 4, 2017 at 6:13 PM, Jeff Janes wrote: > > OK. And if you want the first one, you can wrap it in a view currently, > but > > if it were changed I don't know what you would do if you

Re: [HACKERS] postgres_fdw super user checks

2017-10-05 Thread Robert Haas
On Wed, Oct 4, 2017 at 6:13 PM, Jeff Janes wrote: > OK. And if you want the first one, you can wrap it in a view currently, but > if it were changed I don't know what you would do if you want the 2nd one > (other than having every user create their own set of foreign

Re: [HACKERS] postgres_fdw super user checks

2017-10-04 Thread Jeff Janes
On Thu, Sep 14, 2017 at 1:08 PM, Robert Haas wrote: > On Thu, Sep 14, 2017 at 2:33 PM, Jeff Janes wrote: > > I think that foreign tables ought to behave as views do, where they run > as > > the owner rather than the invoker. No one has talked me out

Re: [HACKERS] postgres_fdw super user checks

2017-09-16 Thread Andreas Karlsson
On 09/14/2017 08:33 PM, Jeff Janes wrote:> Attached is a new patch which fixes the style issue you mentioned. Thanks, the patch looks good no,w and as far as I can tell there was no need to update the comments or the documentation so I am setting this as ready for committer. Andreas --

Re: [HACKERS] postgres_fdw super user checks

2017-09-14 Thread Robert Haas
On Thu, Sep 14, 2017 at 2:33 PM, Jeff Janes wrote: > I think that foreign tables ought to behave as views do, where they run as > the owner rather than the invoker. No one has talked me out of it, but no > one has supported me on it either. But I think it is too late to

Re: [HACKERS] postgres_fdw super user checks

2017-09-14 Thread Jeff Janes
On Tue, Sep 12, 2017 at 1:13 AM, Andreas Karlsson wrote: > On 07/27/2017 09:45 PM, Jeff Janes wrote:> Here is an updated patch. This > version allows you use the password-less > >> connection if you either are the super-user directly (which is the >> existing committed

Re: [HACKERS] postgres_fdw super user checks

2017-09-12 Thread Andreas Karlsson
On 07/27/2017 09:45 PM, Jeff Janes wrote:> Here is an updated patch.  This version allows you use the password-less connection if you either are the super-user directly (which is the existing committed behavior), or if you are using the super-user's mapping because you are querying a

Re: [HACKERS] postgres_fdw super user checks

2017-07-27 Thread Jeff Janes
On Thu, Dec 1, 2016 at 7:11 PM, Haribabu Kommi wrote: > On Tue, Oct 18, 2016 at 10:38 AM, Michael Paquier < > michael.paqu...@gmail.com> wrote: > >> On Mon, Oct 17, 2016 at 10:51 PM, Robert Haas >> wrote: >> > On Mon, Oct 17, 2016 at 2:18 AM,

Re: [HACKERS] postgres_fdw super user checks

2016-12-01 Thread Haribabu Kommi
On Tue, Oct 18, 2016 at 10:38 AM, Michael Paquier wrote: > On Mon, Oct 17, 2016 at 10:51 PM, Robert Haas > wrote: > > On Mon, Oct 17, 2016 at 2:18 AM, Michael Paquier > > wrote: > >> On Mon, Oct 17, 2016 at 3:33 AM,

Re: [HACKERS] postgres_fdw super user checks

2016-10-17 Thread Michael Paquier
On Mon, Oct 17, 2016 at 10:51 PM, Robert Haas wrote: > On Mon, Oct 17, 2016 at 2:18 AM, Michael Paquier > wrote: >> On Mon, Oct 17, 2016 at 3:33 AM, Jeff Janes wrote: >>> postgres_fdw has some checks to enforce that

Re: [HACKERS] postgres_fdw super user checks

2016-10-17 Thread Robert Haas
On Mon, Oct 17, 2016 at 2:18 AM, Michael Paquier wrote: > On Mon, Oct 17, 2016 at 3:33 AM, Jeff Janes wrote: >> postgres_fdw has some checks to enforce that non-superusers must connect to >> the foreign server with a password-based method. The

Re: [HACKERS] postgres_fdw super user checks

2016-10-17 Thread Ashutosh Bapat
On Mon, Oct 17, 2016 at 11:48 AM, Michael Paquier wrote: > On Mon, Oct 17, 2016 at 3:33 AM, Jeff Janes wrote: >> postgres_fdw has some checks to enforce that non-superusers must connect to >> the foreign server with a password-based method. The

Re: [HACKERS] postgres_fdw super user checks

2016-10-17 Thread Ashutosh Bapat
On Mon, Oct 17, 2016 at 12:03 AM, Jeff Janes wrote: > postgres_fdw has some checks to enforce that non-superusers must connect to > the foreign server with a password-based method. The reason for this is to > prevent the authentication to the foreign server from happening

Re: [HACKERS] postgres_fdw super user checks

2016-10-17 Thread Michael Paquier
On Mon, Oct 17, 2016 at 3:33 AM, Jeff Janes wrote: > postgres_fdw has some checks to enforce that non-superusers must connect to > the foreign server with a password-based method. The reason for this is to > prevent the authentication to the foreign server from happening on

[HACKERS] postgres_fdw super user checks

2016-10-16 Thread Jeff Janes
postgres_fdw has some checks to enforce that non-superusers must connect to the foreign server with a password-based method. The reason for this is to prevent the authentication to the foreign server from happening on the basis of the OS user who is running the non-foreign server. But I think