Robert Haas <robertmh...@gmail.com> writes:
> On Tue, Jul 30, 2019 at 1:36 PM Tom Lane <t...@sss.pgh.pa.us> wrote:
>> In any case, my question at the moment is whether we need the belt-and-
>> suspenders-too approach of having both non-parallel-safe marking and an
>> explicit check inside these functions. We've largely moved away from
>> hard-wired checks for e.g. superuserness, and surely these things are
>> less dangerous than most formerly-superuser-only functions.
> If we can't think of a way that the lack of these checks could crash
> it, then I think it's OK to remove the hardwired checks. If we can,
> I'd favor keeping them.
Well, there'd be an actual isolation test that they work ;-), if you
override the marking. Admittedly, one test case does not prove that
there's no way to crash the system, but that can be said of most
parts of Postgres.
regards, tom lane
