On 07/23/2015 06:27 PM, Adrian Klaver wrote:
> On 07/23/2015 05:08 PM, Rob Sargent wrote:
>> On 07/23/2015 04:15 PM, Karsten Hilbert wrote:
>>> On Thu, Jul 23, 2015 at 12:28:32PM -0600, Rob Sargent wrote:
>>>
>>>> I'm suggesting OP might find changing truncate statements to deletes
>>>> (without a where clause) a simpler solution. Something has to change.
>>> Well, OP isn't looking for a solution to "delete all rows"
>>> but rather to _prevent_ deletion.
>>>
>>> Tim can't go forth and tell Blackhats to "please use DELETE
>>> rather than TRUNCATE", right ?
>>>
>>> AFAICT it'd be more useful to advise OP to revoke TRUNCATE
>>> rights on tables.
>>>
>>> Karsten
>> Not sure about Tim and the Blackhats (there's a band name in there
>> somewhere) but Wouldn't OP have exact same code to fix, one way or
>> another?
>>
>
> I think the point was, the OP(Tim) might not have access to the code
> that is trying to TRUNCATE. This could be because it is coming from
> authorized users who are writing their own code or unauthorized
> users(Blackhats) who are trying to sneak code in.
>
>
Fair enough but both blackhats and the authorized are just as likely to
drop the database as truncate something (intentionally or not) and
backups stashed everywhere is the first order of business.