Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1vgt1k-006AiV-2O
	for pgsql-general@arkaria.postgresql.org;
	Fri, 16 Jan 2026 23:14:49 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1vgt1j-005Vpx-05
	for pgsql-general@arkaria.postgresql.org;
	Fri, 16 Jan 2026 23:14:47 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1vgt1i-005Vpo-2D
	for pgsql-general@lists.postgresql.org;
	Fri, 16 Jan 2026 23:14:47 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1vgt1f-000pgd-1f
	for pgsql-general@lists.postgresql.org;
	Fri, 16 Jan 2026 23:14:45 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 60GNEelW1725375;
	Fri, 16 Jan 2026 18:14:40 -0500
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Marcelo Fernandes <marcefern7@gmail.com>
cc: Adrian Klaver <adrian.klaver@aklaver.com>,
        Dominique Devienne <ddevienne@gmail.com>,
        pgsql-general@lists.postgresql.org
Subject: Re: Why does TRUNCATE require a special privilege?
In-reply-to: <CAM2F1VMb3VyRXGMGC51mo+PLaB=vRZQD=7YGyOo-z=XXpX8MHg@mail.gmail.com>
References: <CAM2F1VNkovvL_56K_6OJiYU8toUdEG1Jk7ABRQ426Geh8LMB+g@mail.gmail.com> <CAFCRh-9HTzAU7ia--Uad2-KnZv=zXeFaG0iT2ut0KXGEZhsHuw@mail.gmail.com> <9d1c1ee2-7488-4efd-8451-5d5b3cabe7f2@aklaver.com> <CAM2F1VMb3VyRXGMGC51mo+PLaB=vRZQD=7YGyOo-z=XXpX8MHg@mail.gmail.com>
Comments: In-reply-to Marcelo Fernandes <marcefern7@gmail.com>
	message dated "Sat, 17 Jan 2026 10:15:18 +1300"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1725373.1768605280.1@sss.pgh.pa.us>
Content-Transfer-Encoding: quoted-printable
Date: Fri, 16 Jan 2026 18:14:40 -0500
Message-ID: <1725374.1768605280@sss.pgh.pa.us>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/1725374.1768605280%40sss.pgh.pa.us>
Precedence: bulk

Marcelo Fernandes <marcefern7@gmail.com> writes:
> But from a roles/privilege framework perspective, why would you want to =
give
> certain users the DELETE privilege whereas others you want to give them
> only the TRUNCATE privilege?
> Are we saying to a user that "You need a different level of privilege be=
cause
> you are about to cause a MVCC-unsafe operation?".

Personally I think that's a plenty good enough reason ;-).
The very different locking level is another good reason.
TRUNCATE will block all other activity on the table, while
DELETE doesn't.

However, looking at our git history, it appears that TRUNCATE was
originally only permitted to the table owner.  The separate permission
bit was added (years later) so that the owner could grant out the
ability to others, without doing anything as non-backwards-compatible
as reinterpreting what operations a DELETE grant allows.

			regards, tom lane