Tom, have you considered using PGC_USERLIMIT for the existing
default_transaction_read_only variable? You could allow admins to turn
it on and off, but non-admins could only turn it on.
---------------------------------------------------------------------------
Tom Lane wrote:
> Sean Chittenden <sean@chittenden.org> writes:
> >> I'm not objecting to the idea of being able to make users read-only.
> >> I'm objecting to using GUC for it. Send in a patch that, say, adds
> >> a bool column to pg_shadow, and I'll be happy.
>
> > How is that any different than ALTER USER [username] SET
> > jail_read_only_transactions TO true? It sets something in
> > pg_shadow.useconfig column, which is permanent.
>
> But it has to go through a mechanism that is designed and built to allow
> that value to be overridden from other places. I think using GUC for
> this is just asking for trouble. Even if there is no security hole
> today, it's very easy to imagine future changes in GUC that would
> unintentionally create one.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073