On Thu, Jul 21, 2016 at 09:21:55AM -0400, Jim Mlodgenski wrote: > On Thu, Jul 21, 2016 at 12:57 AM, David Fetter <da...@fetter.org> wrote: > > Please find attached a patch which makes it possible to disallow > > UPDATEs and DELETEs which lack a WHERE clause. As this changes > > query behavior, I've made the new GUCs PGC_SUSET. > > > > What say? > > > Can't you implement this as a extension?
Yes. In that case, I'd want to make it a contrib extension, as it is at least in theory attached to specific major versions of the backend. Also, if it's not in contrib, we can basically forget about having most people even know about it, let alone get specific separate permission to use it in production. That's reality, much as I would like it not to be. > The SQL Firewall project is already doing some similar concepts by > catching prohibiting SQL and preventing it from executing. > https://github.com/uptimejp/sql_firewall That's very nice, but it illustrates my point perfectly. The extension is from a current respected and prolific contributor to the community, but I had no idea that it was there, and by dint of writing the PostgreSQL Weekly News, I keep closer tabs on external things PostgreSQL than easily 99.9% of people who deploy it. Best, David. -- David Fetter <david(at)fetter(dot)org> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: david(dot)fetter(at)gmail(dot)com Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers