| From: | Keith Worthington <KeithW(at)NarrowPathInc(dot)com> |
|---|---|
| To: | Lynwood Stewart <lynwood(at)nwlink(dot)com> |
| Cc: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: truncating table permissions |
| Date: | 2005-03-05 03:35:48 |
| Message-ID: | 42292914.6000209@NarrowPathInc.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Lynwood Stewart wrote:
>I was expecting "truncate table <tablename>" to truncate a table if I had
>delete permissions. This does not appear to be the case.
>
>Would someone confirm this for me, or let me know what I am doing wrong.
>
>
>
This is the case. You are not doing anything wrong. There was a
discussion on this on the NOVICE list beginning on 2/22. The subject
was "Question on TRUNCATE privileges"
At the end of the day the answer is to have the table owner create a
truncate function with SECURITY DEFINER privilege.
The following is from Tom Lane.
See CREATE FUNCTION. Something like (untested)
create function truncate_my_table() returns void as
$$ truncate my_table $$ language sql security definer;
You'd probably then revoke the default public EXECUTE
rights on this function, and grant EXECUTE only to
selected users.
--
Kind Regards,
Keith
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bret Hughes | 2005-03-05 03:39:25 | Re: definative way to place secs from epoc into timestamp |
| Previous Message | Andrew - Supernews | 2005-03-05 00:45:42 | Re: definative way to place secs from epoc into timestamp |