Re: dblink connection security

Joe Conway <mail@joeconway.com> writes:
> Attached patch implements this proposal, including documentation
> changes. I'll work separately on the back-branch version.

> Any comments/objections?

Looks OK in a fast scan, except that you are not following the message
style guidelines here:

> +             ereport(ERROR,
> +                     (errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
> +                      errmsg("connection without password not allowed"),
> +                      errdetail("non-superuser cannot connect if server does not request password"),
> +                      errhint("target server authentication method must be changed")));

The guidelines say errdetail and errhint messages should be full
sentences (with initial cap and trailing period).  Also possibly
"Target server's auth..." would read better.  Also, I'd personally not
leave the "is" out of the errmsg, though that part is surely a judgment
call.  Or maybe it should be just errmsg("password is required")?

            regards, tom lane