My grant/revoke architecture is fine, you mean about costly cpu/ram queries?
2013/4/9 Tom Lane <t...@sss.pgh.pa.us> > Fabio Rueda Carrascosa <avances...@gmail.com> writes: > > Im planning to publish my postgresql server to a few untrusted clients. > > I dont want them to modify any runtime setting, like work_mem or > something > > risky to my server. In general I assume the pg_catalog schema is public > but > > I don't want to allow updating pg_settings at all. > > If you're allowing untrustworthy users to execute arbitrary SQL, > preventing them from using SET would not make very much difference > in how much trouble they can cause. You're wasting your time worrying > about this. > > regards, tom lane >
