Re: Must be owner to truncate?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Postgres Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Must be owner to truncate?
Date: 2005-07-07 17:48:59
Message-ID: 20228.1120758539@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> The current permissions checks for truncate seem to be excessive. It
> requires that you're the owner of the relation instead of requiring
> that you have delete permissions on the relation. It was pointed out
> that truncate doesn't call triggers but it seems like that would be
> something easy enough to check for.

There are other reasons for restricting it:
* truncate takes a much stronger lock than a plain delete does.
* truncate is not MVCC-safe.

I don't really agree with the viewpoint that truncate is just a quick
DELETE, and so I do not agree that DELETE permissions should be enough
to let you do a TRUNCATE.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Stephen Frost 2005-07-07 18:02:05 Re: Must be owner to truncate?
Previous Message Darren Alcorn 2005-07-07 17:28:43 Re: SQL99 - Nested Tables