On Fri, Nov 30, 2012 at 7:02 PM, Jeff Davis <pg...@j-davis.com> wrote: > On Fri, 2012-11-30 at 23:41 +0000, ke...@omniti.com wrote: >> The following bug has been logged on the website: >> >> Bug reference: 7716 >> Logged by: Keith Fiske >> Email address: ke...@omniti.com >> PostgreSQL version: 9.2.1 >> Operating system: Any >> Description: >> >> This is documented in the DROP TRIGGER section of the documentation, but it >> doesn't seem to make any sense. If a role has permission to create a >> trigger, why can that same role not have the same permissions to drop it, >> even if that role doesn't own the table? > > My guess is that it's to prevent someone from dropping a trigger created > by someone else. > > I agree that it's inconsistent. I'm not sure why they added the separate > "TRIGGER" privilege in the first place, but it was done more than 10 > years ago. > > Regards, > Jeff Davis > > >
So then don't give that other role trigger permissions if you don't want them to be able to drop a trigger. I'm actually thankful for the trigger permission since it allows the extension I'm working on to create triggers on tables the role doesn't own. But now it only half-works because it can't clean up after itself when the trigger needs to be dropped. Keith -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
