Provided by: postgres-xc-doc_1.1-2ubuntu2_all 
NAME
dblink_connect_u - opens a persistent connection to a remote database, insecurely
SYNOPSIS
dblink_connect_u(text connstr) returns text
dblink_connect_u(text connname, text connstr) returns text
DESCRIPTION
Note
The following description applies only to Postgres-XC
dblink module has not been tested with Postges-XC yet. Although there're no reason that
dblink does not run in Postgres-XC, the development team leaves the test and the use of
this module entirely to users.
This section is identical to the corresponding PostgreSQL reference manual.
Note
The following description applies only to PostgreSQL
dblink_connect_u() is identical to dblink_connect(), except that it will allow
non-superusers to connect using any authentication method.
If the remote server selects an authentication method that does not involve a password,
then impersonation and subsequent escalation of privileges can occur, because the session
will appear to have originated from the user as which the local PostgreSQL server runs.
Also, even if the remote server does demand a password, it is possible for the password to
be supplied from the server environment, such as a ~/.pgpass file belonging to the
server's user. This opens not only a risk of impersonation, but the possibility of
exposing a password to an untrustworthy remote server. Therefore, dblink_connect_u() is
initially installed with all privileges revoked from PUBLIC, making it un-callable except
by superusers. In some situations it may be appropriate to grant EXECUTE permission for
dblink_connect_u() to specific users who are considered trustworthy, but this should be
done with care. It is also recommended that any ~/.pgpass file belonging to the server's
user not contain any records specifying a wildcard host name.
For further details see dblink_connect().