Rod Taylor wrote: > By allowing the user a where clause you grant them select privileges. > You will find that delete works the same way. > > This is one of those times when per column permissions are useful. You > could grant them select access on the "name" column but not the "salary" > column.
If I understand clearly, the patch he posted modified things so that if the user issued an UPDATE command, the SELECT permission was required as well. Thus a user with UPDATE privileges but no SELECT was not allowed to execute the UPDATE command. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support ---------------------------(end of broadcast)--------------------------- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
