From 0f72a996ff49d648e8801effd08a61ce98eb89e1 Mon Sep 17 00:00:00 2001
From: Regina Obe
Date: Wed, 3 Apr 2013 22:53:01 +0000
Subject: [PATCH] #2258 get rid of explicit public (so people can install postgis in any schema they want), but insure we use security invoker to call new st_esimatedExtent to prevent malicious code injection.

git-svn-id: http://svn.osgeo.org/postgis/trunk@11249 b70326c6-7e19-0410-871a-916f4a2858ee
---
 postgis/postgis.sql.in | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/postgis/postgis.sql.in b/postgis/postgis.sql.in
index 7ea625899..a8ff6d78f 100644
--- a/postgis/postgis.sql.in
+++ b/postgis/postgis.sql.in
@@ -958,10 +958,11 @@ CREATE OR REPLACE FUNCTION ST_EstimatedExtent(text,text,text) RETURNS box2d AS
 -- Deprecation in 2.1.0
 CREATE OR REPLACE FUNCTION ST_estimated_extent(text,text,text) RETURNS box2d AS
 $$
 SELECT _postgis_deprecate('ST_Estimated_Extent', 'ST_EstimatedExtent', '2.1.0');
- -- explicit schema for security reason
- SELECT public.ST_EstimatedExtent($1, $2, $3);
+ -- We use security invoker instead of security definer
+ -- to prevent malicious injection of a different same named function
+ SELECT ST_EstimatedExtent($1, $2, $3);
 $$
- LANGUAGE 'sql' IMMUTABLE STRICT SECURITY DEFINER;
+ LANGUAGE 'sql' IMMUTABLE STRICT SECURITY INVOKER;
 
 -----------------------------------------------------------------------
 -- ST_ESTIMATED_EXTENT( , )
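Review bot: The added comment on the `+ -- We use security invoker ...` lines gives the conclusion but not the mechanism, and the two hunks word it differently; suggest the same three lines in both: `-- SECURITY INVOKER: the body runs with the caller's own privileges, so a` / `-- same-named ST_EstimatedExtent found first on the caller's search_path` / `-- gains nothing the caller could not already do (no escalation to the owner).` The same reasoning is what makes the unqualified `_postgis_deprecate(...)` call on the context line above safe, and that call was already unqualified under the old SECURITY DEFINER, so the comment should cover both calls rather than naming only ST_EstimatedExtent. Note that the change limits the impact of search_path substitution to the caller; it does not guarantee the wrapper reaches the PostGIS implementation, which now depends on the caller's search_path including the install schema. The second hunk has the identical comment pattern and should get the same text.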
@@ -976,10 +977,12 @@ CREATE OR REPLACE FUNCTION ST_EstimatedExtent(text,text) RETURNS box2d AS
 -- Deprecation in 2.1.0
 CREATE OR REPLACE FUNCTION ST_estimated_extent(text,text) RETURNS box2d AS
 $$
 SELECT _postgis_deprecate('ST_Estimated_Extent', 'ST_EstimatedExtent', '2.1.0');
- -- explicit schema for security reason
- SELECT public.ST_EstimatedExtent($1, $2);
+ -- We use security invoker instead of security definer
+ -- to prevent malicious injection of a same named different function
+ -- that would be run under elevated permissions
+ SELECT ST_EstimatedExtent($1, $2);
 $$
- LANGUAGE 'sql' IMMUTABLE STRICT SECURITY DEFINER;
+ LANGUAGE 'sql' IMMUTABLE STRICT SECURITY INVOKER;
 
 -----------------------------------------------------------------------
 -- FIND_EXTENT( ,
, ) -- 2.40.0
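Review bot: The rewritten `LANGUAGE 'sql' IMMUTABLE STRICT SECURITY INVOKER;` line keeps IMMUTABLE, which is a stronger promise than a wrapper around an estimate can keep if, as the name suggests, ST_EstimatedExtent derives its answer from table statistics that change after each ANALYZE; the planner is entitled to pre-evaluate an IMMUTABLE call with constant arguments, so a cached plan could hand back a stale extent. STABLE would describe that behaviour without changing the interface, but the ST_EstimatedExtent definition named in the hunk header is outside this hunk and its own volatility should be checked before changing the wrapper. The presumably notice-emitting `_postgis_deprecate(...)` call on the context line is a second reason to doubt IMMUTABLE here, though what it does is not visible in the hunk. The same line appears in the first hunk (ST_estimated_extent(text,text,text)), and both should agree.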