[postgis-users] Securing postgis
Karl O. Pinc
kop at meme.com
Wed Mar 2 08:56:51 PST 2011
On 03/02/2011 10:42:17 AM, Mark Cave-Ayland wrote:
> On 02/03/11 16:30, Karl O. Pinc wrote:
> > I'm unfamiliar with geography_columns. What is the security
> > model? Can anyone do anything like with geography_columns?
> >
> > If it's a view then would it be possible to put triggers
> > on the underlying tables? Where would I look in the code?
>
> It's still under discussion, but the view is generated automatically
> by
> querying the system catalogues to pull out the spatial columns (i.e.
> it
> can't be altered, but users will be able to see other users' spatial
> columns in there).
If you wanted I suppose you could have such a view check permissions
and thereby avoid revealing such information to unauthorized users.
Just a thought.
>
> This means that AddGeographyColumn() and DropGeometryColumn() can
> just
>
> add/remove the column from the table directly, so this can only
> happen
>
> on tables for which the current role has SQL permissions.
I get it now. They're "real" data types.
Great. That's really what I want.
Thanks for all the help. If I decide to go ahead and write
some triggers I'll post the results to the wiki. Seeing as
how there's plans in the works to address the problem I probably
won't do anything at all unless a problem arises at my end.
Karl <kop at meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
More information about the postgis-users
mailing list