On 03/02/2011 03:11:20 AM, Maria Arias de Reyna wrote:
> El Tuesday 01 March 2011, Karl O. Pinc escribió:
> > Hi,
> >
> > I have a number of users each of which has their
> > own schema. I don't want the users to be able
> > to enable/disable the geospatialness of anyone
> > else's columns. What's the right way to
> > secure postgis so as to prevent this? It seems
> > that a single, global, geometry_columns is the
> > problem.
> What if you write a trigger on every delete/update on the
> geometry_columns
> table? This trigger can cancel the delete/update if the user has no
> "permission" for that row.
Yes, I've been thinking more about this and have come to
the same conclusion you have. The right way to go is
to put triggers on geometry_columns that check permissions
against what's granted on the column holding the geometry
data.
Any clue if this would be something I could send in
as a patch to the postgis project?
Karl <k...@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
_______________________________________________
postgis-users mailing list
postgis-users@postgis.refractions.net
http://postgis.refractions.net/mailman/listinfo/postgis-users
