Re: [Bizgres-general] WAL bypass for INSERT, UPDATE and
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Stephen Frost <sfrost@snowman.net>
Cc: "Jim C. Nasby" <jnasby@pervasive.com>, Bruce Momjian <pgman@candle.pha.pa.us>, Andrew Dunstan <andrew@dunslane.net>, kleptog@svana.org, simon@2ndquadrant.com, gsstark@mit.edu, pg@rbt.ca, zhouqq@cs.toronto.edu, pgsql-hackers@postgresql.org
Date: 2006-01-03T17:37:32Z
Lists: pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes: > The problem is that you might want to grant 'truncate' to people who > *aren't* particularly trusted. For truncate, at least I have a > real-world use-case for it. I don't find this use-case particularly convincing. If the users are allowed to delete all data in a given table, then that table must be dedicated to them anyway; so it's not that easy to see why you can't risk giving them ownership rights on it. The worst they can do is screw up their own data, no? In any case, I don't see what's so wrong with the model of using SECURITY DEFINER interface functions when you want a security restriction that's finer-grain than the system provides. I really *don't* want to see us trying to, say, categorize every variety of ALTER TABLE as a separately grantable privilege. I could live with something like a catchall "ADMIN" privilege ... except it's not clear how that would differ from ownership. regards, tom lane