Bruce Momjian <[EMAIL PROTECTED]> writes:
> I assume this patch is to control this way of breaking out of a
> read-only transaction:
> [...]
> This seems like a valuable feature, as others have mentioned.

Why is this feature valuable? A "read only user" is still able to easily DOS the server, consume arbitrary disk space[1], and prevent other users from accessing data (using LOCK, for example). It has been a long-standing fact that giving a user the ability to execute arbitrary SQL is a security hole; if you plan to change that, ISTM that a lot more work is necessary.

-Neil

[1] Whether they are allowed to create temp tables or not: plenty of other parts of the executor use temporary storage.