[Tile-serving] [osm2pgsql-dev/osm2pgsql] Properly set schema for osm2pgsql_find_changed_ways() (PR #2261)
Falko Galperin
notifications at github.com
Wed Oct 2 20:46:32 UTC 2024
A temporary function `osm2pgsql_find_changed_ways` may be created during the update process, which has been placed under the `public` schema, regardless of any chosen custom schema. This is a problem if one implements security based on schemas, e.g., by assigning a custom schema for osm2pgsql and restricting it from accessing `public` elements (as mentioned at the end of [section 3.3](https://osm2pgsql.org/doc/manual.html#security-considerations) of the manual).
This PR fixes that by using the configured schema. Additionally, tests are added in which a situation like the above is simulated (e.g., a user that can only access a custom schema and not `public`). Please tell me if there's anything I should improve/change before this can be merged.
You can view, comment on, or merge this pull request online at:
https://github.com/osm2pgsql-dev/osm2pgsql/pull/2261
-- Commit Summary --
* Properly set schema for osm2pgsql_find_changed_ways()
* Add tests to make sure no schema except specified one is touched
-- File Changes --
M src/middle-pgsql.cpp (6)
M src/pgsql-params.hpp (7)
M tests/common-import.hpp (4)
M tests/common-options.hpp (14)
M tests/test-output-flex-update.cpp (156)
-- Patch Links --
https://github.com/osm2pgsql-dev/osm2pgsql/pull/2261.patch
https://github.com/osm2pgsql-dev/osm2pgsql/pull/2261.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/osm2pgsql-dev/osm2pgsql/pull/2261
You are receiving this because you are subscribed to this thread.
Message ID: <osm2pgsql-dev/osm2pgsql/pull/2261 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/tile-serving/attachments/20241002/ce5648de/attachment.htm>
More information about the Tile-serving
mailing list