One Hat Cyber Team
Your IP :
216.73.216.115
Server IP :
194.44.31.54
Server :
Linux zen.imath.kiev.ua 4.18.0-553.77.1.el8_10.x86_64 #1 SMP Fri Oct 3 14:30:23 UTC 2025 x86_64
Server Software :
Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k
PHP Version :
5.6.40
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
pgsql-13
/
share
/
man
/
man3
/
View File Name :
dblink_connect_u.3
'\" t .\" Title: dblink_connect_u .\" Author: The PostgreSQL Global Development Group .\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/> .\" Date: 2023 .\" Manual: PostgreSQL 13.13 Documentation .\" Source: PostgreSQL 13.13 .\" Language: English .\" .TH "DBLINK_CONNECT_U" "3" "2023" "PostgreSQL 13.13" "PostgreSQL 13.13 Documentation" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" dblink_connect_u \- opens a persistent connection to a remote database, insecurely .SH "SYNOPSIS" .sp .nf dblink_connect_u(text connstr) returns text dblink_connect_u(text connname, text connstr) returns text .fi .SH "DESCRIPTION" .PP \fBdblink_connect_u()\fR is identical to \fBdblink_connect()\fR, except that it will allow non\-superusers to connect using any authentication method\&. .PP If the remote server selects an authentication method that does not involve a password, then impersonation and subsequent escalation of privileges can occur, because the session will appear to have originated from the user as which the local PostgreSQL server runs\&. Also, even if the remote server does demand a password, it is possible for the password to be supplied from the server environment, such as a ~/\&.pgpass file belonging to the server\*(Aqs user\&. This opens not only a risk of impersonation, but the possibility of exposing a password to an untrustworthy remote server\&. Therefore, \fBdblink_connect_u()\fR is initially installed with all privileges revoked from PUBLIC, making it un\-callable except by superusers\&. In some situations it may be appropriate to grant EXECUTE permission for \fBdblink_connect_u()\fR to specific users who are considered trustworthy, but this should be done with care\&. It is also recommended that any ~/\&.pgpass file belonging to the server\*(Aqs user \fInot\fR contain any records specifying a wildcard host name\&. .PP For further details see \fBdblink_connect()\fR\&.