Bruce Momjian wrote: > On Mon, May 27, 2013 at 05:21:16PM -0700, Joshua D. Drake wrote:
> > I would like to see the ability to define if a query is read only at > > the protocol level, so that load balances that speak libpq can know > > what to do with the query without parsing it. > > Sounds nice, but how would we do that? That would require libpq to know > it, right? Do we pass anything back after parsing but before execution? > Could it be optional? What about functions that modify the database > --- isn't that only known at execution time? Well, if you hit anything that tries to acquire an Xid, and you're in a context that said only read-only was acceptable, just raise an error. In a similar vein, I vaguely recall we discussed (after some security vulnerability involving SQL injection) a mode where we only accept only one command per PQexec() call, i.e. reject execution of commands that contain multiple queries. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
