Must be table owner to truncate?

smiley2211 <msramsey22@gmail.com> writes:

GRANT TRUNCATE ON stage01 TO jaime44;
ERROR: unrecognized privilege type "truncate"

There is no such permission; where did you get the idea there was?

regards, tom lane

According to the documentation, http://www.postgresql.org/docs/current/interactive/sql-truncate.html
, only the owner can truncate a table. Which means the non-owner must either log in/ switch roles as
the owner, or they can just run a DELETE.
-Said

smiley2211 wrote:

Unfortunately, I found the command via google...I later checked the
documentation...

http://www.postgresql.org/docs/8.1/static/sql-truncate.html

Thanks...Michelle

Tom Lane-2 wrote:

smiley2211 <msramsey22@gmail.com> writes:

GRANT TRUNCATE ON stage01 TO jaime44;
ERROR: unrecognized privilege type "truncate"

There is no such permission; where did you get the idea there was?

regards, tom lane

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

-(

--
View this message in context: http://www.nabble.com/Must-be-table-owner-to-truncate--tp18697753p18698506.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.

At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:

According to the documentation,
http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
only the owner can truncate a table. Which means the non-owner must
either log in/ switch roles as the owner, or they can just run a DELETE.

Well that's interesting. From a security standpoint, what's the
difference between an unqualified DELETE and a TRUNCATE?

Also interesting to note that TRUNCATE is transaction safe, but not MVCC
safe. Good to know, good to know ...

Kevin

On mi�, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:

At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:

According to the documentation,
http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
only the owner can truncate a table. Which means the non-owner must
either log in/ switch roles as the owner, or they can just run a DELETE.

Well that's interesting. From a security standpoint, what's the
difference between an unqualified DELETE and a TRUNCATE?

lack of triggers and RULEs spring to mind.

gnari

* Ragnar (gnari@hive.is) wrote:

On mið, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:

At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:

According to the documentation,
http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
only the owner can truncate a table. Which means the non-owner must
either log in/ switch roles as the owner, or they can just run a DELETE.

Well that's interesting. From a security standpoint, what's the
difference between an unqualified DELETE and a TRUNCATE?

lack of triggers and RULEs spring to mind.

It also takes a bigger lock on the table than DELETE, which may or may
not be considered a security issue. triggers really are the big issue
wrt security and why it deserves to be a seperatelly grantable
permission from delete.

Thanks,

Stephen

On Wednesday 30 July 2008 08:52:26 Ragnar wrote:

On mið, 2008-07-30 at 07:36 -0400, Kevin Hunter wrote:

At 3:45p -0400 on Mon, 28 Jul 2008, Said Ramirez wrote:

According to the documentation,
http://www.postgresql.org/docs/current/interactive/sql-truncate.html ,
only the owner can truncate a table. Which means the non-owner must
either log in/ switch roles as the owner, or they can just run a
DELETE.

Well that's interesting. From a security standpoint, what's the
difference between an unqualified DELETE and a TRUNCATE?

lack of triggers and RULEs spring to mind.

Just fyi, there is a patch for 8.4 that will add truncate permissions.

--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL