> > > Um, why not make it an actual full blown security feature by
> > > applying the following patch? This gives PostgreSQL real read
> > > only transactions that users can't escape from. Notes about the
> > > patch:
> >
> > Way nifty.
> >
> > I vote in favor of this patch (suitably documented & debugged) for 7.5.
>
> Heh, there ain't much to debug: it's pretty straight forward. I ran
> all the use cases/syntaxes I could think of and they worked as
> expected. It's a pretty chump little ditty that I originally wrote
> for the sake of the 7.4 PR, but it's proving to be quite useful here
> in my tree... though I like the name "jail_read_only_transactions"
> more... patch updated for new name.
Err.. and attached. -sc
--
Sean Chittenden
Index: src/include/access/xact.h
===================================================================
RCS file: /home/ncvs/pgsql/pgsql-server/src/include/access/xact.h,v
retrieving revision 1.52
diff -u -r1.52 xact.h
--- src/include/access/xact.h 14 May 2003 03:26:03 -0000 1.52
+++ src/include/access/xact.h 30 Jul 2003 21:27:04 -0000
@@ -33,6 +33,7 @@
/* Xact read-only state */
extern bool DefaultXactReadOnly;
extern bool XactReadOnly;
+extern bool JailReadOnlyXacts;
/*
* transaction states - transaction state from server perspective
Index: src/backend/utils/misc/guc.c
===================================================================
RCS file: /home/ncvs/pgsql/pgsql-server/src/backend/utils/misc/guc.c,v
retrieving revision 1.144
diff -u -r1.144 guc.c
--- src/backend/utils/misc/guc.c 29 Jul 2003 00:03:18 -0000 1.144
+++ src/backend/utils/misc/guc.c 30 Jul 2003 21:30:50 -0000
@@ -94,6 +94,7 @@
static const char *assign_log_error_verbosity(const char *newval, bool doit,
bool interactive);
static bool assign_phony_autocommit(bool newval, bool doit, bool interactive);
+static bool assign_transaction_read_only(bool newval, bool doit, bool interactive);
/*
@@ -814,6 +815,15 @@
GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
},
&XactReadOnly,
+ false, assign_transaction_read_only, NULL
+ },
+ {
+ {"jail_read_only_transactions", PGC_SUSET, CLIENT_CONN_STATEMENT,
+ gettext_noop("Jails transactions that are READ ONLY so that
users can't change the transaction from being in a READ ONLY mode"),
+ NULL,
+ GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE
+ },
+ &JailReadOnlyXacts,
false, NULL, NULL
},
{
@@ -4375,6 +4385,39 @@
return false;
}
return true;
+}
+
+
+static bool
+assign_transaction_read_only(bool newval, bool doit, bool interactive)
+{
+ if (JailReadOnlyXacts == false)
+ {
+ if (doit == true)
+ XactReadOnly = newval;
+ return true;
+ } else {
+ if (superuser() == false)
+ {
+ if (newval == true)
+ {
+ if (doit)
+ XactReadOnly = true;
+
+ return true;
+ } else {
+ if (doit && interactive)
+ ereport(ERROR,
+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg("Insufficient privileges to
SET transaction_read_only TO FALSE")));
+ return false;
+ }
+ } else {
+ if (doit)
+ XactReadOnly = newval;
+ return true;
+ }
+ }
}
Index: src/backend/access/transam/xact.c
===================================================================
RCS file: /home/ncvs/pgsql/pgsql-server/src/backend/access/transam/xact.c,v
retrieving revision 1.149
diff -u -r1.149 xact.c
--- src/backend/access/transam/xact.c 21 Jul 2003 20:29:39 -0000 1.149
+++ src/backend/access/transam/xact.c 30 Jul 2003 21:31:17 -0000
@@ -211,6 +211,7 @@
bool DefaultXactReadOnly = false;
bool XactReadOnly;
+bool JailReadOnlyXacts = false;
int CommitDelay = 0; /* precommit delay in microseconds */
int CommitSiblings = 5; /* number of concurrent xacts needed to
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
