Re: Must be owner to truncate?

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Stephen Frost <sfrost@snowman.net>
Cc: Postgres Hackers <pgsql-hackers@postgresql.org>
Date: 2005-07-07T17:48:59Z
Lists: pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes:
>   The current permissions checks for truncate seem to be excessive.  It
>   requires that you're the owner of the relation instead of requiring
>   that you have delete permissions on the relation.  It was pointed out
>   that truncate doesn't call triggers but it seems like that would be
>   something easy enough to check for.

There are other reasons for restricting it:
 * truncate takes a much stronger lock than a plain delete does.
 * truncate is not MVCC-safe.

I don't really agree with the viewpoint that truncate is just a quick
DELETE, and so I do not agree that DELETE permissions should be enough
to let you do a TRUNCATE.

			regards, tom lane