[postgis-users] Securing postgis

Karl O. Pinc kop at meme.com
Wed Mar 2 07:17:51 PST 2011

On 03/02/2011 03:11:20 AM, Maria Arias de Reyna wrote:
> El Tuesday 01 March 2011, Karl O. Pinc escribió:
> > Hi,
> > 
> > I have a number of users each of which has their
> > own schema.  I don't want the users to be able
> > to enable/disable the geospatialness of anyone
> > else's columns.  What's the right way to
> > secure postgis so as to prevent this?  It seems
> > that a single, global, geometry_columns is the
> > problem.

> What if you write a trigger on every delete/update on the
> geometry_columns 
> table? This trigger can cancel the delete/update if the user has no 
> "permission" for that row. 

Yes, I've been thinking more about this and have come to
the same conclusion you have.  The right way to go is
to put triggers on geometry_columns that check permissions
against what's granted on the column holding the geometry

Any clue if this would be something I could send in
as a patch to the postgis project?

Karl <kop at meme.com>
Free Software:  "You don't pay back, you pay forward."
                 -- Robert A. Heinlein

More information about the postgis-users mailing list