From cebf9d6e6ee13cbf9f1a91ec633cf96780ffc985 Mon Sep 17 00:00:00 2001
From: Andrew Dunstan <andrew@dunslane.net>
Date: Mon, 13 Jan 2020 18:08:09 +1030
Subject: Only superuser can set sslcert/sslkey in postgres_fdw user mappings

Othrwise there is a security risk.

Discussion: https://postgr.es/m/20200109103014.GA4192@msg.df7cb.de
---
 doc/src/sgml/postgres-fdw.sgml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'doc/src')

diff --git a/doc/src/sgml/postgres-fdw.sgml b/doc/src/sgml/postgres-fdw.sgml
index 812e62cb363..94992be4272 100644
--- a/doc/src/sgml/postgres-fdw.sgml
+++ b/doc/src/sgml/postgres-fdw.sgml
@@ -130,7 +130,7 @@
      </listitem>
      <listitem>
       <para>
-       <literal>sslkey</literal> and <literal>sslpassword</literal> - these may
+       <literal>sslkey</literal> and <literal>sslcert</literal> - these may
        appear in <emphasis>either or both</emphasis> a connection and a user
        mapping. If both are present, the user mapping setting overrides the
        connection setting.
@@ -139,6 +139,10 @@
     </itemizedlist>
    </para>
 
+   <para>
+    Only superusers may create or modify user mappings with the
+    <literal>sslcert</literal> or <literal>sslkey</literal> settings.
+   </para>
    <para>
     Only superusers may connect to foreign servers without password
     authentication, so always specify the <literal>password</literal> option
-- 
cgit v1.2.3