At Wed, 08 Jun 2022 12:09:27 +0900 (JST), Kyotaro Horiguchi <horikyota....@gmail.com> wrote in > At Wed, 08 Jun 2022 04:38:02 +0200, Laurenz Albe <laurenz.a...@cybertec.at> > wrote in > > If anything, it should be done in the FDW, because it is only necessary if > > the > > FDW calls the remote site during planning. > > > > The question is: is this a bug in postgres_fdw that should be fixed? > > It's depends on what we think about allowing remote access trials > through unprivileged foreign table in any style. It won't be a > problem if the system is configured appropriately but too-frequent > estimate accesses via unprivileged foreign tables might be regarded as > an attack attempt.
In other words, I don't think it's not a bug and no need to fix. If one want to prevent such estimate accesses via unprivileged foreign tables, it is enough to prevent non-privileged users from having a user mapping. This might be worth documenting? regards. -- Kyotaro Horiguchi NTT Open Source Software Center
