On Thu, Mar 09, 2000 at 12:28:38PM -0500, Bruce Momjian wrote:
> That is the issue? That UPDATE grants DELETE? I can UPDATE all fields
> to NULL, and that is pretty much the same as DELETE. We can easily add
> documentation on that "feature".
Sure, do it, however you're still wrong.
For the second time I receive a message from someone who thinks this.
It's clearly false, and I'm surprised a major postgresql hacker
does this mistake:
suppose you want to grant delete but not update, and you're interested,
for example in a "select count (*) from table" being accurate have the
data been modified (with NULL) or not. Then in this case update and delete
ARE NOT the same.
Now suppose you define a rule to act differently on delete or update on a particular
table, maybe to save datas in other tables or update only some fields, or whatever,
I don't know.
Then think a little bit, and you'll notice that these actions (update and delete)
are really different.
In a near future, I suppose you will allow acls to work on fields too.
If you do it, you will notice that delete and update are really different in
this case too.
If you disagree with me, then document your "feature" and please stop wasting
my time.
bye,
Jerome
