[postgis-devel] estimated_extent & pg_statistic

Mark Cave-Ayland m.cave-ayland at webbased.co.uk
Mon Feb 27 02:40:35 PST 2006


> From: postgis-devel-bounces at postgis.refractions.net
[mailto:postgis-devel-bounces at postgis.refractions.net] On Behalf Of Martin
Schäfer
> Sent: 24 February 2006 10:16
> To: PostGIS Development Discussion
> Subject: RE: [postgis-devel] estimated_extent & pg_statistic
>	
>	
> Hi Mark,
>	 
> It works fine with your changed code.
> However, only the 3-argument version of estimated_extent() will work. The
2-argument
> version still fails with the same error. So I guess the 'SECURITY DEFINER'
keywords
> should be added for each version of estimated_extent().
>	 
> Thanks for the fix.
>	 
> Martin


Hi Martin,

That is correct, you would need to update both versions. I'd like a quick
heads up from some of the other developers before committing a fix for this
to CVS. In particular, I'm thinking that we may need to add a check to
ensure that the session user has been GRANTed read privileges on the
specified table before we can return the extents (given that since this
function would now be running as a superuser it could potentially allow a
user to access information about a table that wouldn't normally be
available).


Anyone have any thoughts on this?

Mark.

------------------------
WebBased Ltd
17 Research Way
Plymouth
PL6 8BT

T: +44 (0)1752 797131
F: +44 (0)1752 791023

http://www.webbased.co.uk <http://www.webbased.co.uk/>   
http://www.infomapper.com <http://www.infomapper.com/> 
http://www.swtc.co.uk <http://www.swtc.co.uk/>  

This email and any attachments are confidential to the intended recipient
and may also be privileged. If you are not the intended recipient please
delete it from your system and notify the sender. You should not copy it or
use it for any purpose nor disclose or distribute its contents to any other
person.






More information about the postgis-devel mailing list