Tom, have you considered using PGC_USERLIMIT for the existing
default_transaction_read_only variable?  You could allow admins to turn
it on and off, but non-admins could only turn it on.

---------------------------------------------------------------------------

Tom Lane wrote:
> Sean Chittenden <[EMAIL PROTECTED]> writes:
> >> I'm not objecting to the idea of being able to make users read-only.
> >> I'm objecting to using GUC for it.  Send in a patch that, say, adds
> >> a bool column to pg_shadow, and I'll be happy.
> 
> > How is that any different than ALTER USER [username] SET
> > jail_read_only_transactions TO true?  It sets something in
> > pg_shadow.useconfig column, which is permanent.
> 
> But it has to go through a mechanism that is designed and built to allow
> that value to be overridden from other places.  I think using GUC for
> this is just asking for trouble.  Even if there is no security hole
> today, it's very easy to imagine future changes in GUC that would
> unintentionally create one.
> 
>                       regards, tom lane
> 
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
>       subscribe-nomail command to [EMAIL PROTECTED] so that your
>       message can get through to the mailing list cleanly
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
    (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])

Reply via email to