| From: | Josh Kupershmidt <schmiddy(at)gmail(dot)com> |
|---|---|
| To: | Florian Weimer <fweimer(at)bfk(dot)de> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: LOCK TABLE permission requirements |
| Date: | 2011-06-30 00:02:17 |
| Message-ID: | CAK3UJRE5pvDF59-9o6SUrMRuOzsx=Ex4QTkkerPkKiCDLNDTpA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Jun 29, 2011 at 7:48 AM, Florian Weimer <fweimer(at)bfk(dot)de> wrote:
> I've been looking around in the 9.0 documentation, but couldn't find the
> permission requirements for LOCK TABLE (in particular, LOCK TABLE IN
> SHARE MODE). From the source, you need at least one of UPDATE, DELETE
> or TRUNCATE.
>
> Is there a reason why the INSERT privilege is not sufficient for LOCK
> TABLE, or is this just an oversight?
The comments on this thread outline some reasons the permissions for
LOCK TABLE are setup the way they are:
http://archives.postgresql.org/pgsql-hackers/2010-11/msg01819.php
Basically, if you have UPDATE, DELETE, or TRUNCATE privileges you can
potentially lock out competing sessions on a table, similar to what
some forms of LOCK TABLE would do; just having INSERT privileges
doesn't necessarily give you that power.
Josh
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2011-06-30 00:39:40 | Re: Windows x64 : How do I get OSSP-UUID.sql contrib for postgresql x64 |
| Previous Message | David Johnston | 2011-06-29 22:31:14 | Re: Real type with zero |