Feature request dblink: Security issue - dblink user+password parameters must be optional
When creating a view via DBLINK, the user=... and password=...
parameters shall be optional. If they are left out, then the current
user accessing the view shall be impersonated implicitely to the
"dblinked" database as well. Forcing anybody to hardcode a password
readable within the view definition should be an absolute DON'T!
Haven't found a better place to post this request. Hope the author of
dblink is reading it here, too. :-)
On 1/28/09, Hermann Muster <Hermann.Muster@gmx.de> wrote:
When creating a view via DBLINK, the user=... and password=... parameters
shall be optional. If they are left out, then the current user accessing the
view shall be impersonated implicitely to the "dblinked" database as well.
Forcing anybody to hardcode a password readable within the view definition
should be an absolute DON'T!Haven't found a better place to post this request. Hope the author of
dblink is reading it here, too. :-)
I think this will be properly fixed by SQL-MED connection handling in 8.4.
In older version maybe you can use wrapper function around dblink
that constructs per-user connect string.
--
marko