Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl> writes:
> if I do
> # grant UPDATE, INSERT, SELECT on a to user1;
> it was treat as:
> # grant UPDATE, INSERT, DELETE, SELECT on a to user1;
Yeah. The underlying permission set is actually "read, write, append"
(where write access also allows append). So UPDATE and DELETE are
treated the same, and allowing them also allows INSERT. This is
something that probably oughta be changed some day. That'll doubtless
break some user applications, though, since the true permission set is
user-visible (try psql's \z command for example).
regards, tom lane