| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Truncate Triggers |
| Date: | 2008-01-25 19:05:06 |
| Message-ID: | 20080125190506.GU5031@tamriel.snowman.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Simon Riggs <simon(at)2ndquadrant(dot)com> writes:
> > On Fri, 2008-01-25 at 10:44 -0500, Tom Lane wrote:
> >> There are way too many table privilege bits already; to add more you
> >> need something a lot stronger than a "might be nice" argument.
>
> > People use TRUNCATE whatever we say. If you force people to be table
> > owners or superusers you merely restrict their security options.
>
> By that argument you could justify a separate privilege bit for anything
> at all, eg, each sub-variant of ALTER TABLE. Please present an actual
> argument why TRUNCATE should get its own bit.
I've done this already, and continue to feel that TRUNCATE should have
its own bit. There are many cases where you want a user to be able to
truncate a table but not alter its structure. TRUNCATE is not a
DDL-type statement, those can and should be reserved to the owner.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2008-01-25 19:43:55 | Re: Truncate Triggers |
| Previous Message | Tom Lane | 2008-01-25 19:00:50 | Re: Truncate Triggers |