[Tile-serving] [openstreetmap/osm2pgsql] Document security practices for multi-user systems (#831)
Paul Norman
notifications at github.com
Tue Apr 17 02:35:23 UTC 2018
> Did you also evaluate if those recommendations are safe to apply in the context of osm2pgsql, or whether they would cause some issues?
It's often assumed that osm2pgsql will be run on the public schema, and that that's where PostGIS will be. Any of the techniques will work, but `REVOKE CREATE ON SCHEMA public FROM PUBLIC;` would be my preference, but then you also need to adjust the search_path to put the osm2pgsql tables somewhere else. PostGIS could remain in public.
>From a practical consideration, people running osm2pgsql and their renderer as superusers is a **far** bigger security hole than the search_path privilege escalation attacks. I see the former done all the time, and once you have superuser access, there's no more escalation to be done with database permissions.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/osm2pgsql/issues/831#issuecomment-381812533
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/tile-serving/attachments/20180417/8dc6e9b5/attachment.html>
More information about the Tile-serving
mailing list