"Pavel Stehule" <[EMAIL PROTECTED]> writes: >> How does a user protect a custom variable using your code? I don't see >> any API that would allow that.
> Every module is responsibile for protectiong own custom variables. Only > module knows if some variable needs protection. And after module > inicialisation module can call ArmorCustomVariable function. From this > moment only superuser can modify this custom variable. If it call > ResetPGVariable() function before then default value is protected. Well, that's the other problem with this approach: the variable is protected only against changes occurring *after* ArmorCustomVariable is called. Throwing away the existing value using ResetPGVariable is surely undesirable if the existing value was in fact set by a superuser. What's worse, I think it is a security hole, because ResetPGVariable's effects can be rolled back by aborting the transaction in which the module load occurs. In any case we've now got a three-step rather than one-step method for setting up a custom variable, with various interesting failure modes if you do the steps in the wrong order. This is not a clean solution. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster