[postgis-users] Securing postgis
Karl O. Pinc
kop at meme.com
Tue Mar 1 13:23:13 PST 2011
Hi,
I have a number of users each of which has their
own schema. I don't want the users to be able
to enable/disable the geospatialness of anyone
else's columns. What's the right way to
secure postgis so as to prevent this? It seems
that a single, global, geometry_columns is the
problem.
I see a number of possibliities.
If geometry_coulumns is all that needs to be secured
I could create the table in each user's schema.
If there's a lot of other infrastructure that needs
to be duplicated this would not work as well --
the user's schemas would be all cluttered up.
But I can see where having multiple geometry_columns
tables could complicate an upgrade....
I could create a separate postgis schema for
each user, but that seems overkill and I'm not
at all clear on how $user is expanded in
the search_path and whether or not it'd be possible
to automatically have such schemas in the search
path.
then again I could just forget about it and
hope the users don't kill each other.
What's the best approach here?
Thanks.
Karl <kop at meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
More information about the postgis-users
mailing list