Context Navigation

← Previous Ticket
Next Ticket →

#4648 closed enhancement (fixed)

Have extension packaging scripts (FROM unpackage) check objects ownership

Reported by:	strk	Owned by:	strk
Priority:	medium	Milestone:	PostGIS 3.0.8
Component:	build	Version:
Keywords:	pg13	Cc:

Description

As per https://lists.osgeo.org/pipermail/postgis-devel/2020-February/028465.html if we want our packaging scripts to be safe we should check ownership of objects before adding them to our extension.

Objects not owned by a superuser should not be packaged.

Change History (12)

comment:1 by robe, 4 years ago

Component:	postgis → build/upgrade/install
Owner:	changed from pramsey to strk

comment:2 by pramsey, 4 years ago

Milestone:	PostGIS 3.1.0 → PostGIS Fund Me

comment:3 by robe, 18 months ago

Milestone:	PostGIS Fund Me → PostGIS 2.5.9

comment:4 by strk, 18 months ago

Milestone:	PostGIS 2.5.9
Resolution:	→ fixed
Status:	new → closed

This was fixed upstream in PostgreSQL itself: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5579726bd60a6e7afb04a3548bced348cd5ffd89

comment:5 by Sandro Santilli <strk@…>, 18 months ago

In 06f49e8/git:

Check ownership of functions match that of extension upon packaging

References #4648

comment:6 by Sandro Santilli <strk@…>, 18 months ago

In af7d4657/git:

Check ownership of functions match that of extension upon packaging

References #4648 in 3.3 branch

comment:7 by Sandro Santilli <strk@…>, 18 months ago

In fa756dd/git:

Check ownership of functions match that of extension upon packaging

References #4648 in 3.2 branch (3.2.4dev)

comment:8 by Sandro Santilli <strk@…>, 18 months ago

In a8a9ec7c/git:

Add NEWS item about packaging checked ownership

References #4648 in 3.3 branch (3.3.2dev)

comment:9 by Sandro Santilli <strk@…>, 18 months ago

In 3442f4d/git:

Check ownership of functions match that of extension upon packaging

References #4648 in 3.1 branch (3.1.8dev)

comment:10 by Sandro Santilli <strk@…>, 18 months ago

In 6c1718af/git:

Check ownership of functions match that of extension upon packaging

References #4648 in 3.0 branch (3.0.8dev)

comment:11 by strk, 18 months ago

Milestone:	→ PostGIS 3.0.8
Version:	master

comment:12 by Sandro Santilli <strk@…>, 6 months ago

In e2bf40c/git:

Set ownership of packaged functions to extension owner

Still check that the functions were owned by a superuser.

References #4648
References #5545
References #5566

Note: See TracTickets for help on using tickets.

Download in other formats: