Re: [postgis-users] Why use C procedurals for Postgres
I'm on RedHat 5 Enterprise. I have installed PostgreSQL 8.4.2 and Postgis 1.5.2 I have not customized PostgreSQL or Postgis installation. > From: nicklas.a...@jordogskog.no > To: postgis-users@postgis.refractions.net > Date: Fri, 21 Jan 2011 15:13:52 +0100 > Subject: Re: [postgis-users] Why use C procedurals for Postgres > > Hallo > > You should not need do change any security settings that is default in > PostgreSQL to run PostGIS. > But if there is some security setting that that is customized to not > allow C-langage functions there will be problems since PostGIS is > written in C. > > But if you have not customized any security settings in PostgreSQL this > is just a symptom of something els. > > What OS are you running? > > /Nicklas > > > > > On Fri, 2011-01-21 at 13:44 +, Rudy COMMENGE wrote: > > Hello, > > > > I have installed Postgis with PostgreSQL. > > When I try to send postgis.sql to PostgreSQL, I have an error > > notifying C is not trusted. > > So I think I have found a solution : I disable the security with this > > request "UPDATE pg_language SET lanpltrusted=true WHERE lanname='c';" > > > > But this is a security, so is there another solution without disable ? > > If not, why Postgis need to bypass a PostgreSQL security ? > > > > Regards, > > > > RudyWI > > ___ > > postgis-users mailing list > > postgis-users@postgis.refractions.net > > http://postgis.refractions.net/mailman/listinfo/postgis-users > > > ___ > postgis-users mailing list > postgis-users@postgis.refractions.net > http://postgis.refractions.net/mailman/listinfo/postgis-users ___ postgis-users mailing list postgis-users@postgis.refractions.net http://postgis.refractions.net/mailman/listinfo/postgis-users
Re: [postgis-users] Why use C procedurals for Postgres
On 21/01/11 13:44, Rudy COMMENGE wrote: Hello, I have installed Postgis with PostgreSQL. When I try to send postgis.sql to PostgreSQL, I have an error notifying C is not trusted. So I think I have found a solution : I disable the security with this request "UPDATE pg_language SET lanpltrusted=true WHERE lanname='c';" But this is a security, so is there another solution without disable ? If not, why Postgis need to bypass a PostgreSQL security ? Regards, RudyWI Hi Rudy, Only the PostgreSQL super-user can install C functions into the database, and for good reason. A C function can execute any code in the context of the database, and so your change above has opened up a big security hole in your database - I strongly recommend you change it back. Note that once you've installed PostGIS as the database super-user, you can always use ALTER TABLE...OWNER... to change the ownership of your tables back to your normal (non-super) user. HTH, Mark. -- Mark Cave-Ayland - Senior Technical Architect PostgreSQL - PostGIS Sirius Corporation plc - control through freedom http://www.siriusit.co.uk t: +44 870 608 0063 Sirius Labs: http://www.siriusit.co.uk/labs ___ postgis-users mailing list postgis-users@postgis.refractions.net http://postgis.refractions.net/mailman/listinfo/postgis-users
Re: [postgis-users] Why use C procedurals for Postgres
Hallo You should not need do change any security settings that is default in PostgreSQL to run PostGIS. But if there is some security setting that that is customized to not allow C-langage functions there will be problems since PostGIS is written in C. But if you have not customized any security settings in PostgreSQL this is just a symptom of something els. What OS are you running? /Nicklas On Fri, 2011-01-21 at 13:44 +, Rudy COMMENGE wrote: > Hello, > > I have installed Postgis with PostgreSQL. > When I try to send postgis.sql to PostgreSQL, I have an error > notifying C is not trusted. > So I think I have found a solution : I disable the security with this > request "UPDATE pg_language SET lanpltrusted=true WHERE lanname='c';" > > But this is a security, so is there another solution without disable ? > If not, why Postgis need to bypass a PostgreSQL security ? > > Regards, > > RudyWI > ___ > postgis-users mailing list > postgis-users@postgis.refractions.net > http://postgis.refractions.net/mailman/listinfo/postgis-users ___ postgis-users mailing list postgis-users@postgis.refractions.net http://postgis.refractions.net/mailman/listinfo/postgis-users
[postgis-users] Why use C procedurals for Postgres
Hello, I have installed Postgis with PostgreSQL. When I try to send postgis.sql to PostgreSQL, I have an error notifying C is not trusted. So I think I have found a solution : I disable the security with this request "UPDATE pg_language SET lanpltrusted=true WHERE lanname='c';" But this is a security, so is there another solution without disable ? If not, why Postgis need to bypass a PostgreSQL security ? Regards, RudyWI ___ postgis-users mailing list postgis-users@postgis.refractions.net http://postgis.refractions.net/mailman/listinfo/postgis-users