| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Gevik Babakhani <pgdev(at)xs4all(dot)nl>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Regarding TODO item "%Add a separate TRUNCATE |
| Date: | 2006-04-26 17:57:28 |
| Message-ID: | 20060426175728.GO4474@ns.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Gevik Babakhani <pgdev(at)xs4all(dot)nl> writes:
> > Would the privilege apply to the table depending on the table being
> > truncated?
>
> I think the idea is to require TRUNCATE privilege on all the tables
> being truncated in the command. This would substitute for the existing
> ownership check.
Right, definitely agree about this.
> I do have a concern here, which is that GRANT ALL on a table didn't use
> to convey TRUNCATE, but now it will. However, since GRANT ALL does
> confer the right to do "DELETE FROM tab", maybe this isn't an issue.
Hmmm, I have to agree that this an interesting question. I don't tend
to use "GRANT ALL" so I'm not really sure what people are thinking when
they use it. It seems to me that it'd make sense to include TRUNCATE in
'GRANT ALL' (since it includes the abilities to create triggers and
references, etc, which I wouldn't generally consider to be "normal",
where "normal" would be select/insert/update/delete).
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2006-04-26 18:06:32 | Re: Regarding TODO item "%Add a separate TRUNCATE permission" |
| Previous Message | Tom Lane | 2006-04-26 17:54:26 | Re: Regarding TODO item "%Add a separate TRUNCATE permission" |