From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | KeithW(at)narrowpathinc(dot)com |
Cc: | PostgreSQL Novice <pgsql-novice(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [NOVICE] Question on TRUNCATE privleges |
Date: | 2005-02-24 22:47:44 |
Message-ID: | 28265.1109285264@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-novice |
"Keith Worthington" <keithw(at)narrowpathinc(dot)com> writes:
> On Thu, 24 Feb 2005 17:15:42 -0500, Tom Lane wrote
>> Yeah. I've dropped the idea personally -- the suggestion that the table
>> owner can provide a SECURITY DEFINER procedure to do the TRUNCATE if
>> he wants to allow others to do it seems to me to cover the problem.
> Could someone point me in the direction of documentation on this SECURITY
> DEFINER feature?
See CREATE FUNCTION. Something like (untested)
create function truncate_my_table() returns void as
$$ truncate my_table $$ language sql security definer;
You'd probably then revoke the default public EXECUTE rights on this
function, and grant EXECUTE only to selected users.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Eric Crampton | 2005-02-24 22:49:00 | Patch for Postmaster Uptime (from the TODO) |
Previous Message | Marc G. Fournier | 2005-02-24 22:40:37 | Re: Some download statistics |
From | Date | Subject | |
---|---|---|---|
Next Message | Ross Gohlke | 2005-02-25 01:03:50 | Using upper() / decode() together |
Previous Message | Keith Worthington | 2005-02-24 22:28:08 | Re: [NOVICE] Question on TRUNCATE privleges |