Re: dblink connection security
From | Magnus Hagander |
---|---|
Subject | Re: dblink connection security |
Date | |
Msg-id | 4687F160.7080003@hagander.net |
In response to | Re: dblink connection security (Tom Lane <tgl@sss.pgh.pa.us>) |
Responses | Re: dblink connection security |
List | pgsql-patches |

Tom Lane wrote:
> Robert Treat <xzilla@users.sourceforge.net> writes:
>> Did you mean s/trust/ident/g, otherwise I don't think I understand the
>> above...
>
> Both trust and ident local auth are sources of risk for this, although
> ident is particularly nasty since the DBA probably thinks he's being
> secure.
>
> For that matter, I'm not sure that *any* auth method except password
> offers much security against the problem; don't LDAP and Kerberos
> likewise rely mostly on process-level identity? And possibly PAM
> depending on which PAM plugin you're using?

LDAP is not affected - it requires the user to enter a password. Same
would be for any PAM plugins that actually require the user to enter a
password, I think.

Kerberos is not affected either, because the server does not get a copy
of the ticket. In theory it could be affected if the server requested a
delegation enabled ticket, and exported it so it could be used, but none
of these are done.

//Magnus
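
An added example, not part of the original message and not PostgreSQL code: a pg_hba.conf check that applies the classification discussed in this exchange to every rule a client running on the database host itself can match. The same-host scope, the sample file, and the grouping of md5 with password, krb5/gss under Kerberos and peer with ident are assumptions of this example.

```python
import ipaddress

# Verdicts follow the thread. Grouping md5 with password, krb5/gss under
# Kerberos, and peer with ident are assumptions of this example.
PROCESS_IDENTITY = {"trust", "ident", "peer"}
NOT_AFFECTED = {"password", "md5", "ldap", "krb5", "gss"}
LOOPBACK = {4: ipaddress.ip_network("127.0.0.0/8"),
            6: ipaddress.ip_network("::1/128")}

SAMPLE_HBA = """\
# constructed sample, not taken from the thread
local   all  postgres                          ident sameuser
local   all  all                               md5
host    all  all  127.0.0.1  255.255.255.255   trust
host    all  all  10.0.0.0/8                   trust
host    all  all  0.0.0.0/0                    pam
host    all  all  ::1/128                      ldap
"""

def parse_line(line):
    """Return (matches_server_host, method) for one rule, else None."""
    f = line.split("#", 1)[0].split()
    if len(f) >= 4 and f[0] == "local":
        return True, f[3]
    if len(f) < 5 or not f[0].startswith("host"):
        return None
    addr, rest, reach = f[3], f[4:], True   # names/keywords: assume reachable
    try:
        if "/" not in addr:                 # older "address netmask" form
            ipaddress.ip_address(addr)      # ValueError for names/keywords
            addr, rest = f"{addr}/{rest[0]}", rest[1:]
        net = ipaddress.ip_network(addr, strict=False)
        reach = net.overlaps(LOOPBACK[net.version])
    except ValueError:
        pass
    return (reach, rest[0]) if rest else None

def audit(hba_text):
    """List (line_no, method, verdict) for rules a same-host client can hit."""
    findings = []
    for no, line in enumerate(hba_text.splitlines(), 1):
        parsed = parse_line(line)
        if parsed and parsed[0]:
            method = parsed[1]
            verdict = ("at risk" if method in PROCESS_IDENTITY else
                       "depends on plugin" if method == "pam" else
                       "not affected" if method in NOT_AFFECTED else
                       "not discussed")
            findings.append((no, method, verdict))
    return findings
```

Rules whose address is a host name or keyword are reported conservatively, since the file alone does not show whether they cover the server's own address.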