Skip site navigation (1) Skip section navigation (2)

Re: [NOVICE] Question on TRUNCATE privleges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Thomas Hallgren <thhal(at)mailblocks(dot)com>,PostgreSQL Novice <pgsql-novice(at)postgresql(dot)org>,pgsql-hackers(at)postgresql(dot)org
Subject: Re: [NOVICE] Question on TRUNCATE privleges
Date: 2005-02-24 22:15:42
Message-ID: 27861.1109283342@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-novice
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Uh, that seems like it adds extra complexity just for this single case.

Yeah.  I've dropped the idea personally -- the suggestion that the table
owner can provide a SECURITY DEFINER procedure to do the TRUNCATE if he
wants to allow others to do it seems to me to cover the problem.

> Why don't we allow TRUNCATE by non-owners only if no triggers are
> defined, and if they are defined, we throw an error and mention it is
> because triggers/contraints exist?

I don't think we should put weird special cases in the rights checking
to allow this -- that's usually a recipe for introducing unintended
security holes.

			regards, tom lane

In response to

Responses

pgsql-novice by date

Next:From: Bruce MomjianDate: 2005-02-24 22:21:29
Subject: Re: [NOVICE] Question on TRUNCATE privleges
Previous:From: Bruce MomjianDate: 2005-02-24 22:10:50
Subject: Re: [NOVICE] Question on TRUNCATE privleges

pgsql-hackers by date

Next:From: Tom LaneDate: 2005-02-24 22:17:59
Subject: Re: Some download statistics
Previous:From: Bruce MomjianDate: 2005-02-24 22:10:50
Subject: Re: [NOVICE] Question on TRUNCATE privleges

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group