Bruce Momjian wrote:
> On Mon, May 27, 2013 at 05:21:16PM -0700, Joshua D. Drake wrote:
> > I would like to see the ability to define if a query is read only at
> > the protocol level, so that load balances that speak libpq can know
> > what to do with the query without parsing it.
>
> Sounds nice, but how would we do that? That would require libpq to know
> it, right? Do we pass anything back after parsing but before execution?
> Could it be optional? What about functions that modify the database
> --- isn't that only known at execution time?
Well, if you hit anything that tries to acquire an Xid, and you're in a
context that said only read-only was acceptable, just raise an error.
In a similar vein, I vaguely recall we discussed (after some security
vulnerability involving SQL injection) a mode where we only accept only
one command per PQexec() call, i.e. reject execution of commands that
contain multiple queries.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
