> Also, I'm not yet convinced that simple privatizable transcient/session > variables would not be enough to fit the use case, so that for the same > price there would be session variables for all, not only special ones with > permissions.
Since, unlike Oracle, we don't have compiled packages or plan-caching above the session level, there's not the same hard requirement for the variable definition to be persistent.
So... maybe? The main question then becomes how you integrate access control.
For security the variable should be persistent.
If you would to do statical analyse (what you usually would), then variable should be persistent.
Currently the big issue of plpgsql_check is work with temporary tables. Local objects or dynamic sql is stop for static check.