Re: [GENERAL] Permission Problem for DELETE

Tom Lane Tue, 27 May 2008 10:45:44 -0700

[EMAIL PROTECTED] (Volkan =?utf-8?B?WWF6xLFjxLE=?=) writes:
> On Tue, 27 May 2008, Tom Lane <[EMAIL PROTECTED]> writes:
>> You don't have SELECT privilege, which is required to read any of the
>> columns in the WHERE clause.


> As far as I tested, even

>   DELETE FROM foo;
>   UPDATE foo SET bar = NULL;

> commands _require_ SELECT permissions.

Well, you tested wrong then.  It works as expected for me, which is
that you need SELECT if the query involves fetching any existing
column value:

regression=# create user joe;
CREATE ROLE
regression=# create table foo (f1 int, f2 int);
CREATE TABLE
regression=# grant delete , update on table foo to joe;
GRANT
regression=# \c - joe
You are now connected to database "regression" as user "joe".
regression=> update foo set f1 = null;
UPDATE 0
regression=> update foo set f1 = f2;  
ERROR:  permission denied for relation foo
regression=> delete from foo;
DELETE 0
regression=> delete from foo where f1 = 42;
ERROR:  permission denied for relation foo
regression=> 

                        regards, tom lane

-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

Re: [GENERAL] Permission Problem for DELETE

Reply via email to