Re: restrict global access to be readonly

happy times wrote
> Sure, we can utilize the   runtime parameter
> default_transaction_read_only, however, it does not restrict user from
> changing transaction attribute to non-readonly mode, so is not safe. 

ISTM that implementing a means to make this setting only super-user
changeable would be a quick(er) solution to the problem - the decision as to
what to disallow is already decided.

It seems like it would have to be a separate GUC but it would require any
new SQL but would simply leverage the existing settings system to setup
database-user values that only a super-user can change.

David J.




--
View this message in context:
http://postgresql.nabble.com/restrict-global-access-to-be-readonly-tp5837818p5838021.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.