From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Truncate Triggers |
Date: | 2008-01-25 19:05:06 |
Message-ID: | 20080125190506.GU5031@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Simon Riggs <simon(at)2ndquadrant(dot)com> writes:
> > On Fri, 2008-01-25 at 10:44 -0500, Tom Lane wrote:
> >> There are way too many table privilege bits already; to add more you
> >> need something a lot stronger than a "might be nice" argument.
>
> > People use TRUNCATE whatever we say. If you force people to be table
> > owners or superusers you merely restrict their security options.
>
> By that argument you could justify a separate privilege bit for anything
> at all, eg, each sub-variant of ALTER TABLE. Please present an actual
> argument why TRUNCATE should get its own bit.
I've done this already, and continue to feel that TRUNCATE should have
its own bit. There are many cases where you want a user to be able to
truncate a table but not alter its structure. TRUNCATE is not a
DDL-type statement, those can and should be reserved to the owner.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Simon Riggs | 2008-01-25 19:43:55 | Re: Truncate Triggers |
Previous Message | Tom Lane | 2008-01-25 19:00:50 | Re: Truncate Triggers |