Ticket #1795 (closed defect: fixed)

Opened 13 months ago

Last modified 6 weeks ago

spatial_ref_sys, geometry_columns, raster views should be publicly readable

Reported by: robe
Owned by: strk
Priority: medium
Milestone: PostGIS 2.1.0
Component: build/upgrade/install
Version: 2.0.x
Keywords: history
Cc:

Description

This is probably something we should do for 1.5 as well but at least for extensions, all works out of the box except if you are using an account other than the one you installed extensions with, you have to explicitly grant permissions to public for spatial_ref_sys and I'm guessing geometry_columns as well.

I don't see why we can't always have an explicit public on these as part of the install process. geometry_columns, raster_columns etc., now that they are all views, are safe to make public since I believe we now only list tables that are visible to the user querying the view, so there is no risk of them seeing tables listed they have no access to.

Change History

Changed 13 months ago by robe

hmm forgot also geography_columns

Changed 13 months ago by strk

At that point also public usage on topology (for calling functions) and select on topology.topology and topology.layer? For creating topologies you'll also need schema creation rights, but even without you should be able to read existing ones.

I'm not sure permissions should be tweaked by the default install script. It would be up to the DBA to decide what to do with which roles.

Maybe we could provide utility SQL scripts to do it in one way (the way we think makes more sense). It should be checked if existence of "public" can be relied upon.

Changed 11 months ago by robe

  • milestone changed from PostGIS 2.0.1 to PostGIS 2.1.0

Changed 6 months ago by robe

I'm not really quite sure what you mean by existence of public. public group always exists, though public schema may not. At any rate, like I said, topology aside, I see no reason why we can't make geometry_columns, geography_columns, raster_columns, spatial_ref_sys publicly readable since they are already internally limited by the account viewing it (minus -- spatial_ref_sys), but hey, spatial_ref_sys is pretty much the same across all postgis dbs so what's the big deal with people seeing what is in there.

Changed 6 months ago by pramsey

Do it.

Changed 6 months ago by robe

Do it for 2.0 or just 2.1?

Changed 6 months ago by pramsey

2.1, it's too large a change for 2.0

Changed 6 months ago by robe

Done at r10750. raster_columns, raster_views, spatial_ref_sys, geometry_columns, geography_columns are all publicly viewable on install.

The only issue is that the GRANT command is being stripped for geometry_columns, geography_columns, spatial_ref_sys for upgrades. Do we want that? I'm scared of that Perl script so don't want to touch it.

I also did not touch topology since those really ARE tables so we might have security concerns there since what is listed can't be protected by internal logic check of view.
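
A DBA can check how a given database actually ended up with respect to the grants discussed above. The query below is an added example, not part of the ticket or of the PostGIS install scripts; it assumes PostgreSQL 9.6 or later (for `to_regclass(text)`) and that the unqualified names resolve through the current `search_path`.

```sql
-- Added example: audit PUBLIC read access on the PostGIS metadata
-- relations named in this ticket, and show whether each one is a view
-- (rows filtered by the caller's privileges, per the ticket) or a plain
-- table (no such filtering, the concern raised for topology).
WITH wanted(relname) AS (
    VALUES ('spatial_ref_sys'),
           ('geometry_columns'),
           ('geography_columns'),
           ('raster_columns'),
           ('topology.topology'),
           ('topology.layer')
),
resolved AS (
    -- to_regclass returns NULL instead of raising an error when a
    -- relation is absent (e.g. raster or topology not installed).
    SELECT relname, to_regclass(relname) AS rel
    FROM wanted
)
SELECT r.relname,
       CASE c.relkind
            WHEN 'r' THEN 'table'
            WHEN 'v' THEN 'view'
            ELSE c.relkind::text
       END AS kind,
       -- 'public' here names the PUBLIC pseudo-role, not the schema.
       has_table_privilege('public'::name, r.rel::oid, 'SELECT')
           AS public_can_select,
       has_table_privilege(current_user, r.rel::oid, 'SELECT')
           AS current_user_can_select
FROM resolved r
LEFT JOIN pg_class c ON c.oid = r.rel
ORDER BY r.relname;
```

A row with `kind = 'table'` and `public_can_select = true` exposes its full contents to every role, so such rows deserve review; rows where all result columns are NULL mean the relation is not installed.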

Changed 6 weeks ago by robe

  • keywords history added
  • status changed from new to closed
  • resolution set to fixed

In making my last change to postgis.sql.in, I noticed this is already done. Maybe I just forgot to close it out.
