projects / users / simon / postgres.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a60e6a0) | patch
The original patch to disallow non-passworded connections to non-superusers
authorTom Lane <tgl@sss.pgh.pa.us>
Thu, 3 Jan 2008 21:29:07 +0000 (21:29 +0000)
committerTom Lane <tgl@sss.pgh.pa.us>
Thu, 3 Jan 2008 21:29:07 +0000 (21:29 +0000)
commitd3b3ca9277f8a5b0eb24010f61fe9591711ae33e
tree4eaa3c11ccba655df39105a7e23a9adf13ae83cetree
parenta60e6a0fcec97d7fbec98739d96cfd14dd3fb71bcommit | diff
The original patch to disallow non-passworded connections to non-superusers
failed to cover all the ways in which a connection can be initiated in dblink.
Plug the remaining holes.  Also, disallow transient connections in functions
for which that feature makes no sense (because they are only sensible as
part of a sequence of operations on the same connection).  Joe Conway

Security: CVE-2007-6601
contrib/dblink/dblink.c diff | blob | blame | history
contrib/dblink/expected/dblink.out diff | blob | blame | history
contrib/dblink/sql/dblink.sql diff | blob | blame | history
Simon's dev repository