Lists: | pgsql-general |
---|
From: | smiley2211 <msramsey22(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Must be table owner to truncate? |
Date: | 2008-07-28 19:36:11 |
Message-ID: | 18697753.post@talk.nabble.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
Hello all,
I am trying to GRANT truncate permissions to a non-owner of table and it's
not allowing me to:
GRANT TRUNCATE ON stage01 TO jaime44;
ERROR: unrecognized privilege type "truncate"
How do I grant said permission?
Thanks...Michelle.
--
View this message in context: http://www.nabble.com/Must-be-table-owner-to-truncate--tp18697753p18697753.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | smiley2211 <msramsey22(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-28 19:42:14 |
Message-ID: | 26931.1217274134@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
smiley2211 <msramsey22(at)gmail(dot)com> writes:
> GRANT TRUNCATE ON stage01 TO jaime44;
> ERROR: unrecognized privilege type "truncate"
There is no such permission; where did you get the idea there was?
regards, tom lane
From: | Said Ramirez <sramirez(at)vonage(dot)com> |
---|---|
To: | smiley2211 <msramsey22(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-28 19:45:05 |
Message-ID: | 488E21C1.8050900@vonage.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
According to the documentation, http://www.postgresql.org/docs/current/interactive/sql-truncate.html
, only the owner can truncate a table. Which means the non-owner must either log in/ switch roles as
the owner, or they can just run a DELETE.
-Said
smiley2211 wrote:
>
> Hello all,
>
> I am trying to GRANT truncate permissions to a non-owner of table and it's
> not allowing me to:
>
> GRANT TRUNCATE ON stage01 TO jaime44;
> ERROR: unrecognized privilege type "truncate"
>
> How do I grant said permission?
>
> Thanks...Michelle.
>
> --
> View this message in context:
> http://www.nabble.com/Must-be-table-owner-to-truncate--tp18697753p18697753.html
> Sent from the PostgreSQL - general mailing list archive at Nabble.com.
>
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
From: | smiley2211 <msramsey22(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-28 20:06:51 |
Message-ID: | 18698506.post@talk.nabble.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
Unfortunately, I found the command via google...I later checked the
documentation...
http://www.postgresql.org/docs/8.1/static/sql-truncate.html
Thanks...Michelle
Tom Lane-2 wrote:
>
> smiley2211 <msramsey22(at)gmail(dot)com> writes:
>> GRANT TRUNCATE ON stage01 TO jaime44;
>> ERROR: unrecognized privilege type "truncate"
>
> There is no such permission; where did you get the idea there was?
>
> regards, tom lane
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
>
>-(
--
View this message in context: http://www.nabble.com/Must-be-table-owner-to-truncate--tp18697753p18698506.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
From: | Kevin Hunter <hunteke(at)earlham(dot)edu> |
---|---|
To: | Postgres General List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-30 11:36:35 |
Message-ID: | 48905243.7030503@earlham.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:
> According to the documentation,
> http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
> only the owner can truncate a table. Which means the non-owner must
> either log in/ switch roles as the owner, or they can just run a DELETE.
Well that's interesting. From a security standpoint, what's the
difference between an unqualified DELETE and a TRUNCATE?
Also interesting to note that TRUNCATE is transaction safe, but not MVCC
safe. Good to know, good to know ...
Kevin
From: | Ragnar <gnari(at)hive(dot)is> |
---|---|
To: | Kevin Hunter <hunteke(at)earlham(dot)edu> |
Cc: | Postgres General List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-30 12:52:26 |
Message-ID: | 1217422346.9672.1.camel@localhost.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
On mið, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:
> At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:
> > According to the documentation,
> > http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
> > only the owner can truncate a table. Which means the non-owner must
> > either log in/ switch roles as the owner, or they can just run a DELETE.
>
> Well that's interesting. From a security standpoint, what's the
> difference between an unqualified DELETE and a TRUNCATE?
lack of triggers and RULEs spring to mind.
gnari
From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Ragnar <gnari(at)hive(dot)is> |
Cc: | Kevin Hunter <hunteke(at)earlham(dot)edu>, Postgres General List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-30 14:46:02 |
Message-ID: | 20080730144602.GQ16005@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
* Ragnar (gnari(at)hive(dot)is) wrote:
>
> On mið, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:
> > At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:
> > > According to the documentation,
> > > http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
> > > only the owner can truncate a table. Which means the non-owner must
> > > either log in/ switch roles as the owner, or they can just run a DELETE.
> >
> > Well that's interesting. From a security standpoint, what's the
> > difference between an unqualified DELETE and a TRUNCATE?
>
> lack of triggers and RULEs spring to mind.
It also takes a bigger lock on the table than DELETE, which may or may
not be considered a security issue. triggers really are the big issue
wrt security and why it deserves to be a seperatelly grantable
permission from delete.
Thanks,
Stephen
From: | Robert Treat <xzilla(at)users(dot)sourceforge(dot)net> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Cc: | Ragnar <gnari(at)hive(dot)is>, Kevin Hunter <hunteke(at)earlham(dot)edu> |
Subject: | Re: Must be table owner to truncate? |
Date: | 2008-07-30 15:14:52 |
Message-ID: | 200807301114.53031.xzilla@users.sourceforge.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general |
On Wednesday 30 July 2008 08:52:26 Ragnar wrote:
> On mið, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:
> > At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:
> > > According to the documentation,
> > > http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
> > > only the owner can truncate a table. Which means the non-owner must
> > > either log in/ switch roles as the owner, or they can just run a
> > > DELETE.
> >
> > Well that's interesting. From a security standpoint, what's the
> > difference between an unqualified DELETE and a TRUNCATE?
>
> lack of triggers and RULEs spring to mind.
>
Just fyi, there is a patch for 8.4 that will add truncate permissions.
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL