Skip site navigation (1) Skip section navigation (2)

Re: Truncate Triggers

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Truncate Triggers
Date: 2008-01-26 19:16:25
Message-ID: 9356.1201374985@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> iirc, the suggestion was to exclude the non-SQL-spec things from 'GRANT
> ALL' to avoid just that issue.  Having to grant TRUNCATE and/or DDL
> operation permissions explicitly would be reasonable.  This might create
> a disconnect with what 'revoke all' does, since that should really
> remove all of the perms, but I feel that's reasonable.  A 'Default
> secure' approach.

More like "default impossibly confusing" :-(.  "GRANT ALL" doesn't mean
grant all privileges?  How the heck are you going to explain/justify
that to a newbie?

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Simon RiggsDate: 2008-01-26 19:22:03
Subject: Re: Truncate Triggers
Previous:From: Tom LaneDate: 2008-01-26 19:13:45
Subject: Re: Simple row serialization?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group