Sean Chittenden <sean@chittenden.org> writes:
>> I would NOT call it a "security" provision, as it is fairly easily
>> defeated using SET TRANSACTION.
> Um, why not make it an actual full blown security feature by applying
> the following patch?
It's not intended to be a security measure, and I would strongly resist
any attempt to make it so along the lines you propose. I do not want to
try to base real security on GUC settings. The GUC mechanism is not
designed to be unsubvertible, it's designed to allow convenient
administration of a bunch of settings.
In any case, we already have mechanisms for preventing specific users
from altering data: that's what GRANT/REVOKE are for. I don't think
anyone would have bothered with START TRANSACTION READ ONLY if it
weren't required by the SQL spec.
regards, tom lane
