On 07/23/2015 05:37 PM, Rob Sargent wrote:
On 07/23/2015 06:27 PM, Adrian Klaver wrote:
On 07/23/2015 05:08 PM, Rob Sargent wrote:
On 07/23/2015 04:15 PM, Karsten Hilbert wrote:
On Thu, Jul 23, 2015 at 12:28:32PM -0600, Rob Sargent wrote:
I'm suggesting OP might find changing truncate statements to deletes
(without a where clause) a simpler solution. Something has to change.
Well, OP isn't looking for a solution to "delete all rows"
but rather to _prevent_ deletion.
Tim can't go forth and tell Blackhats to "please use DELETE
rather than TRUNCATE", right ?
AFAICT it'd be more useful to advise OP to revoke TRUNCATE
rights on tables.
Karsten
Not sure about Tim and the Blackhats (there's a band name in there
somewhere) but Wouldn't OP have exact same code to fix, one way or
another?
I think the point was, the OP(Tim) might not have access to the code
that is trying to TRUNCATE. This could be because it is coming from
authorized users who are writing their own code or unauthorized
users(Blackhats) who are trying to sneak code in.
Fair enough but both blackhats and the authorized are just as likely to
drop the database as truncate something (intentionally or not) and
backups stashed everywhere is the first order of business.
Well that is a different crisis and not covered by rules or triggers:)
--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general