Marcin Borkowski <mb...@mbork.pl> writes: > I noticed that the docs for postgres_fdw lack the clause about it being > "trusted". Does that mean that `create extension postgres_fdw` poses > any known security risks? If so, what should I do to minimize them?
It's a definitional question I guess. We don't mark anything trusted
if it can be used to cause outside-the-database effects; and in this
case the ability to connect to other databases qualifies as that.
regards, tom lane
