[postgis-devel] Allowing use of PostGIS EXTENSION w/out raster

Greg Troxel gdt at lexort.com
Mon Oct 9 05:20:51 PDT 2017

(splitting replies a bit)

Sandro Santilli <strk at kbt.io> writes:

> On Sun, Oct 08, 2017 at 08:09:20PM -0400, Greg Troxel wrote:
>> I think the answer is that if nothing in pgsql depends on gdal, then you
>> don't have to have gdal on the machine, and gdal library changes don't
>> make you do anything.  But I'm not really sure that's the point.
> Yes, that's one point. Another is reducing the set of available
> functionality to reduce security risks. As an example for security
> risk, until recently PostGIS had a security issue giving access to any
> file on the system to whoever had access to postgis, due to functions
> in the raster component.

That makes sense, and I should have thought of that.   It's probably the
larger issue, so having the extension in the filesystem and gdal
installed is not so bad, compared to having it loaded.

One thing that seems strange is that I can install postgis under my uid,
and then the code runs as postgres (at least the core dumps from raster
are that way :-).  Perhaps that's only ok because I am a pgsql
superuser, and a regular user will need dba to install into their
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20171009/b9a68542/attachment.sig>

More information about the postgis-devel mailing list