> > > Um, why not make it an actual full blown security feature by > > > applying the following patch? This gives PostgreSQL real read > > > only transactions that users can't escape from. Notes about the > > > patch: > > > > Way nifty. > > > > I vote in favor of this patch (suitably documented & debugged) for 7.5. > > Heh, there ain't much to debug: it's pretty straight forward. I ran > all the use cases/syntaxes I could think of and they worked as > expected. It's a pretty chump little ditty that I originally wrote > for the sake of the 7.4 PR, but it's proving to be quite useful here > in my tree... though I like the name "jail_read_only_transactions" > more... patch updated for new name.
Err.. and attached. -sc -- Sean Chittenden
Index: src/include/access/xact.h =================================================================== RCS file: /home/ncvs/pgsql/pgsql-server/src/include/access/xact.h,v retrieving revision 1.52 diff -u -r1.52 xact.h --- src/include/access/xact.h 14 May 2003 03:26:03 -0000 1.52 +++ src/include/access/xact.h 30 Jul 2003 21:27:04 -0000 @@ -33,6 +33,7 @@ /* Xact read-only state */ extern bool DefaultXactReadOnly; extern bool XactReadOnly; +extern bool JailReadOnlyXacts; /* * transaction states - transaction state from server perspective Index: src/backend/utils/misc/guc.c =================================================================== RCS file: /home/ncvs/pgsql/pgsql-server/src/backend/utils/misc/guc.c,v retrieving revision 1.144 diff -u -r1.144 guc.c --- src/backend/utils/misc/guc.c 29 Jul 2003 00:03:18 -0000 1.144 +++ src/backend/utils/misc/guc.c 30 Jul 2003 21:30:50 -0000 @@ -94,6 +94,7 @@ static const char *assign_log_error_verbosity(const char *newval, bool doit, bool interactive); static bool assign_phony_autocommit(bool newval, bool doit, bool interactive); +static bool assign_transaction_read_only(bool newval, bool doit, bool interactive); /* @@ -814,6 +815,15 @@ GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &XactReadOnly, + false, assign_transaction_read_only, NULL + }, + { + {"jail_read_only_transactions", PGC_SUSET, CLIENT_CONN_STATEMENT, + gettext_noop("Jails transactions that are READ ONLY so that users can't change the transaction from being in a READ ONLY mode"), + NULL, + GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE + }, + &JailReadOnlyXacts, false, NULL, NULL }, { @@ -4375,6 +4385,39 @@ return false; } return true; +} + + +static bool +assign_transaction_read_only(bool newval, bool doit, bool interactive) +{ + if (JailReadOnlyXacts == false) + { + if (doit == true) + XactReadOnly = newval; + return true; + } else { + if (superuser() == false) + { + if (newval == true) + { + if (doit) + XactReadOnly = true; + + return true; + } else { + if (doit && interactive) + ereport(ERROR, + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), + errmsg("Insufficient privileges to SET transaction_read_only TO FALSE"))); + return false; + } + } else { + if (doit) + XactReadOnly = newval; + return true; + } + } } Index: src/backend/access/transam/xact.c =================================================================== RCS file: /home/ncvs/pgsql/pgsql-server/src/backend/access/transam/xact.c,v retrieving revision 1.149 diff -u -r1.149 xact.c --- src/backend/access/transam/xact.c 21 Jul 2003 20:29:39 -0000 1.149 +++ src/backend/access/transam/xact.c 30 Jul 2003 21:31:17 -0000 @@ -211,6 +211,7 @@ bool DefaultXactReadOnly = false; bool XactReadOnly; +bool JailReadOnlyXacts = false; int CommitDelay = 0; /* precommit delay in microseconds */ int CommitSiblings = 5; /* number of concurrent xacts needed to
---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]