dblink_connect_u(text connstr) returns text
dblink_connect_u(text connname, text connstr) returns text
dblink_connect_u() is identical to
dblink_connect(), except that it will allow non-superusers
to connect using any authentication method.
If the remote server selects an authentication method that does not
involve a password, then impersonation and subsequent escalation of
privileges can occur, because the session will appear to have
originated from the user as which the local PostgreSQL
server runs. Therefore, dblink_connect_u() is initially
installed with all privileges revoked from PUBLIC,
making it un-callable except by superusers. In some situations
it may be appropriate to grant EXECUTE permission for
dblink_connect_u() to specific users who are considered
trustworthy, but this should be done with care.
For further details see dblink_connect().