Re: Must be owner to truncate?
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Stephen Frost <sfrost@snowman.net>
Cc: Postgres Hackers <pgsql-hackers@postgresql.org>
Date: 2005-07-07T17:48:59Z
Lists: pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes: > The current permissions checks for truncate seem to be excessive. It > requires that you're the owner of the relation instead of requiring > that you have delete permissions on the relation. It was pointed out > that truncate doesn't call triggers but it seems like that would be > something easy enough to check for. There are other reasons for restricting it: * truncate takes a much stronger lock than a plain delete does. * truncate is not MVCC-safe. I don't really agree with the viewpoint that truncate is just a quick DELETE, and so I do not agree that DELETE permissions should be enough to let you do a TRUNCATE. regards, tom lane