Marcin Borkowski <mbork@xxxxxxxx> writes: > I noticed that the docs for postgres_fdw lack the clause about it being > "trusted". Does that mean that `create extension postgres_fdw` poses > any known security risks? If so, what should I do to minimize them? It's a definitional question I guess. We don't mark anything trusted if it can be used to cause outside-the-database effects; and in this case the ability to connect to other databases qualifies as that. regards, tom lane