>A user must have the TRUNCATE privilege to truncate a table or be the
>tables owner.
Well the TRUNCATE example I mentioned is perhaps not explicit of what I meant
to say. A user who can modify data in a client application can also modify
data if he connects directly to the database, bypassing the client
application, with commands like 'UPDATE tbl SET col = value' Even if a few
rows are concerned, data is yet inconsistent. The only way to prevent this is
by preventing a direct access to the sever via a client like psql for example.
With or without use of SSL, it is not possible, unless I'm missing something.