| PostgreSQL 8.3.16 Documentation | ||||
|---|---|---|---|---|
| Prev | Fast Backward | Fast Forward | Next | |
    dblink_connect_u(text connstr) returns text
    dblink_connect_u(text connname, text connstr) returns text
       dblink_connect_u() is identical to
    dblink_connect(), except that it will allow non-superusers
    to connect using any authentication method.
   
    If the remote server selects an authentication method that does not
    involve a password, then impersonation and subsequent escalation of
    privileges can occur, because the session will appear to have
    originated from the user as which the local PostgreSQL
    server runs.  Therefore, dblink_connect_u() is initially
    installed with all privileges revoked from PUBLIC,
    making it un-callable except by superusers.  In some situations
    it may be appropriate to grant EXECUTE permission for
    dblink_connect_u() to specific users who are considered
    trustworthy, but this should be done with care.
   
    For further details see dblink_connect().