Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vgs30-005qbS-1N for pgsql-general@arkaria.postgresql.org; Fri, 16 Jan 2026 22:12:03 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1vgs2z-005Jo1-10 for pgsql-general@arkaria.postgresql.org; Fri, 16 Jan 2026 22:12:01 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vgs2y-005Jno-1Q for pgsql-general@lists.postgresql.org; Fri, 16 Jan 2026 22:12:01 +0000 Received: from fhigh-b4-smtp.messagingengine.com ([202.12.124.155]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vgs2v-000pIM-2T for pgsql-general@lists.postgresql.org; Fri, 16 Jan 2026 22:11:59 +0000 Received: from phl-compute-07.internal (phl-compute-07.internal [10.202.2.47]) by mailfhigh.stl.internal (Postfix) with ESMTP id 0F09D7A00A7; Fri, 16 Jan 2026 17:11:57 -0500 (EST) Received: from phl-frontend-03 ([10.202.2.162]) by phl-compute-07.internal (MEProxy); Fri, 16 Jan 2026 17:11:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aklaver.com; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm1; t=1768601516; x=1768687916; bh=cliZG4z09VFaXc0qquKmcETQGsJ5tNjMYR+mLOUecKk=; b= Uo1b8XnjTUoxomaH9XTgDUkaSiHHkiBkywpDdKIdBYPkXOrdXFcqqI0bbzcTWVTR xFgfjWj1Zorm86U4mUCzr41+X6pdwVhoX65nFpk+GDgXD8CJS4PmCyDkofFfvQw9 QD3hP100eOgXCjWK5rdBzVFFp/Eptru5URfJx9cCtUZL8P6BnXrWIOigS7g8YJC/ REmv+qjMDoBjaOp5urDirhWuth2A0zT0pwVmO58igB2OOTxY96RUfQeJw2OtkJyn tOqdmFub1T53S5nYXtX20aY0ouTfyZzGJCk17XIGHsbcwLpHD4TxXB93dTO0Yaa3 pWUPRwTo9y4ftvHIZ/v/VA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1768601516; x= 1768687916; bh=cliZG4z09VFaXc0qquKmcETQGsJ5tNjMYR+mLOUecKk=; b=R vpuiiVzJcIDlj+A3mpLYb/gLypUGexy6alIje8RS3+iwZRpVs2f8rhdQ2hVGYOV5 kaXLO5BRkCiTiNTs8KIPvSUPrnPJ86dg5FSzR1c/+TIMhW9C+MhQFvB/5OuiOtdR rmJhffI6NNxuPT9pera+oLHQtzqryBhgtZoXKUJn+qZNOzIA29gdgz9DIlR6NPHj 4YBY82fyWGpxx8PJtT5towzLXcZG9a1z5kQWofER8DidbMIsYX2eBClhZNUfBEMA keKHkWZZvD1Qe/eXOPJztfxMpKvcLApIdncs5fqiVAGcjjEHgG69GHYfP8nMjHfq rHOVFTTffP+rZhurr2/Fg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgddufedtudduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf gurhepkfffgggfuffvvehfhfgjtgfgsehtjeertddtvdejnecuhfhrohhmpeetughrihgr nhcumfhlrghvvghruceorggurhhirghnrdhklhgrvhgvrhesrghklhgrvhgvrhdrtghomh eqnecuggftrfgrthhtvghrnhephfeviefhveelffeftdehudekveefhfeftdegieefveet fffgfeehtdfftedutedtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomheprggurhhirghnrdhklhgrvhgvrhesrghklhgrvhgvrhdrtghomhdpnhgs pghrtghpthhtohepfedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepmhgrrhgtvg hfvghrnhejsehgmhgrihhlrdgtohhmpdhrtghpthhtohepugguvghvihgvnhhnvgesghhm rghilhdrtghomhdprhgtphhtthhopehpghhsqhhlqdhgvghnvghrrghlsehlihhsthhsrd hpohhsthhgrhgvshhqlhdrohhrgh X-ME-Proxy: Feedback-ID: i76984098:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 16 Jan 2026 17:11:56 -0500 (EST) Message-ID: <450b1e18-0355-454b-9b33-bd4e780914ed@aklaver.com> Date: Fri, 16 Jan 2026 14:11:55 -0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Why does TRUNCATE require a special privilege? To: Marcelo Fernandes Cc: Dominique Devienne , pgsql-general@lists.postgresql.org References: <9d1c1ee2-7488-4efd-8451-5d5b3cabe7f2@aklaver.com> Content-Language: en-US From: Adrian Klaver In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 1/16/26 13:15, Marcelo Fernandes wrote: > Those operations do different things, sure. > > But from a roles/privilege framework perspective, why would you want to give > certain users the DELETE privilege whereas others you want to give them > only the TRUNCATE privilege? > > Are we saying to a user that "You need a different level of privilege because > you are about to cause a MVCC-unsafe operation?". The thing I see as difference worthy of separation is: "CASCADE Automatically truncate all tables that have foreign-key references to any of the named tables, or to any tables added to the group due to CASCADE. " Now the same end result can be done with: delete from some_table: where the FK's pointing at some_table have ON CASCADE DELETE. The difference being a DBA has the option of creating the FKs with ON CASCADE NO ACTION which would throw an error. In other words you can prevent an unconstrained DELETE on some_table from removing all the child records. With TRUNCATE ... CASCADE, you cannot, the potential for harm is greater. > > Or is the privilege framework simply ruling "Do different things, have > different permissions"? > > Marcelo. > -- Adrian Klaver adrian.klaver@aklaver.com