Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w38CY-000vhe-1v for pgsql-hackers@arkaria.postgresql.org; Thu, 19 Mar 2026 07:53:54 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1w38CX-00H5hX-11 for pgsql-hackers@arkaria.postgresql.org; Thu, 19 Mar 2026 07:53:53 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w38CW-00H5hO-2u for pgsql-hackers@lists.postgresql.org; Thu, 19 Mar 2026 07:53:53 +0000 Received: from mail-yx1-xb12f.google.com ([2607:f8b0:4864:20::b12f]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.98.2) (envelope-from ) id 1w38CT-00000000V00-2Zq5 for pgsql-hackers@postgresql.org; Thu, 19 Mar 2026 07:53:52 +0000 Received: by mail-yx1-xb12f.google.com with SMTP id 956f58d0204a3-64ca1ba0089so717991d50.1 for ; Thu, 19 Mar 2026 00:53:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1773906830; cv=none; d=google.com; s=arc-20240605; b=Cpzkm4680LnMm30DZnx8ivnExIUbOSCHk66H/ADR4woWFMHZbEoIfY9xXG42fXHcbW RekTyd4p2mxRZLSkMGz1gpdFxvi4l3ttnJzidIMaSYI8GfOUHNNsUaRumsUxPQv7PsWy 7KbWZtihCa1QmsrpDk5JCgUsF9YWIMExr0RzOJnaORNIFSZmt6SyB47+XhIErg3ocGQo xlMYaBvtGFOJ5njUGzJddsCwPEFZ7j/Cd15AIKHqqqRao6lTUEw7GMs+VaPc92AD0j0G ZFqrXLHtO1ju9cGwPr37rNcySc+hOq1dSPpIt5nsupKytq9S3L8UORLkMprtYQIgKuRG sRRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=J4KAjMJipdb5HQmEyxWFy+OVlQsL8wBmXB7vO6hYN/w=; fh=RWkQ3W7Uu62kqnyPyRXaaXWuLuxnItswgcWXRsUt0Os=; b=JwjaZRcgS0+RWEamOtOeB7jDSiL3Yby4/bnaEWPHXvlHZJEeCGOPs8WEhSG8MkprnM SQ4Tm52ueXZzg3BhT7zkRrDig04NKkh0JGdzs+jLkoggSub/Yw4OTwZy57rx1ipFz6Uc D7LdBFJxIKirCQ6Dih868DnRCWq5kBhbDdHVmcgdQ066WoO6L/ZzeQa/RSl7X69UeeVf 1bG05/F0Cs0B5fDKH+sfJ71K7bKhGnc08q2UVXq/bVgRj2hpom84eOtK+PV5x8AGE0S6 7OAIZo4wf98N7ymCAthTZjbrw8YxLN2rIqJikIy3zCUHAJrZCTcVHidca9K49XS17GyN Ve0Q==; darn=postgresql.org ARC-Authentication-Results: i=1; mx.google.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773906830; x=1774511630; darn=postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=J4KAjMJipdb5HQmEyxWFy+OVlQsL8wBmXB7vO6hYN/w=; b=KZW87umXNjFdMNNuTiCYPJAoTOXotWCXgpUzvX6+tA0tEHO8nEnYV40ZytxFhCEpy2 c/CRmXVSofsazrOHW9ksQnvcGca4TeW0y1mOQdiep4J1NESKwoB6JMdvybcbF7r/6G0F PnSZypxWwmYsGTjIMUG7VV7DW1RAfQRPUei9UUi3g1qr/zoHfqEd+Fla9YpHHRkty9vd 3eGlN37qN9CkuDEXJCduE0ORj3etjfxUWhPf5bu2SIRpgkForAtANoDuwRIDF1/tlUVS v40PatG4efBwoUNDiCbQsdcRVC3VDSRyeZnFGvs6slxZEVGM2Nj5mJPEQxsdCWEQq16H v/qQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773906830; x=1774511630; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=J4KAjMJipdb5HQmEyxWFy+OVlQsL8wBmXB7vO6hYN/w=; b=jkRvkqnJbOHJc2tu9Mq7qQjnY3pi9a4cBGBu2hVCyFqIgYHV6aQ8BPEGg0hEzk1qej YIiRqfLD7YS4jCk0ppev5C8uPJOH1QdJ/JYK/wwelq8iGeqXAtHGurmKvBVTNThLA9eT 1rvwxdDr6kYvwjSyVRbCf+nplYqicYmF5f5f4tAxhkQWAq0pFSUDH6TDRrcWqguCuWsi Q4aNsFJ45WZqR/4GZR1R9j/a12n8IxRKpWR1ifO5R/eAZrkAHCAklWTopETbYi0Xewoj Do0A7NhKrUej2tpGajecIWiCOkMSQJV7d4rI7CXDncEyj8vJTIL8c51z/JQ8hYQiExtT nOqg== X-Forwarded-Encrypted: i=1; AJvYcCXUDoLP+bWFUsNoLXj8g3+OOypJuaA+0jlguzrOmiWplu1pqTbqiN8XU8V+wxkQT5KpLbvmBgJs3EPniiF4@postgresql.org X-Gm-Message-State: AOJu0YzPgbYLd12lvgx+Jtpj5V1yIBrlOdGYXcYZy7YNwUSatEynonzE SQ2vLNqBxMO/V6+fnaH/deYO4ifl88tH0r9f6jZLbIEy54fQQC1h7kW9mzHEUyU+we/UBYHc3Vq R/1+dviwxGrXOxHgMCHSVJLxtIVhRcaM= X-Gm-Gg: ATEYQzzxECMckLbVbzBasr8hpfpImDFI9yM0SRmjNiTg1W33eB3L6x7aLgCUqpGOpn4 g2RcDtwhcTeUk2vObqVSU6wefFyQ/R7RN1ybllsPAxoJQ5Q/ovL0VPL+7594O6zWV14Rs3VgwRS fqsCCyxn2/cz4y5Mzomgc7cDXkoesLcKBDoOpuIKD5pMv4TfnT7BKScSuifYa2FPRB0aNKyRlfx JbHuhSLxcUZSqYbKCGo8hojCjGprVbwmuE4ZghKd/oc90fv/ZDWGsF3BmOR/kfAJWVCLq8kgiOn YDy3H7+R/umOFu1KO3d7N45lpy8IaCmEwkY10QRtBWZecQU6frltm/G1vz83xe6qahWCqbO9M8z tK5DreqaBdliMOELnb72N+S6ntLLOA/mZBOZQgINKobQo7QwUq+Ll4jJdjg== X-Received: by 2002:a05:690e:120f:b0:64e:a473:d17a with SMTP id 956f58d0204a3-64ea473db8amr344836d50.53.1773906830374; Thu, 19 Mar 2026 00:53:50 -0700 (PDT) MIME-Version: 1.0 References: <64f1c69a-ceff-4b17-8298-58f255d075fc@gmail.com> <7f6e0ff9-05e9-4664-9c71-d9dd744362b9@gmail.com> In-Reply-To: <7f6e0ff9-05e9-4664-9c71-d9dd744362b9@gmail.com> From: Pavel Stehule Date: Thu, 19 Mar 2026 08:53:13 +0100 X-Gm-Features: AaiRm51Kclg6-7rG7Btn7A2hcbcuit8GF7DpCCzPiUya8qinsKbAl7b-NdAFuLQ Message-ID: Subject: Re: Read-only connection mode for AI workflows. To: Andrei Lepikhov Cc: Jack Bonatakis , pgsql-hackers , Bruce Momjian , Andres Freund Content-Type: multipart/alternative; boundary="0000000000007d3c30064d5bdeab" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --0000000000007d3c30064d5bdeab Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi =C4=8Dt 19. 3. 2026 v 8:44 odes=C3=ADlatel Andrei Lepikhov napsal: > On 16/3/26 22:01, Andrei Lepikhov wrote: > > On 16/3/26 20:28, Jack Bonatakis wrote: > >> On Mon, Mar 16, 2026, at 2:08 PM, Andrei Lepikhov wrote: > >>> I believe the pg_readonly [1] extension does what you're looking for, > so > >>> you might want to give it a try. > >> Please correct me if I am mistaken, but it looks like pg_readonly > >> operates at the database or cluster level. > > Take a look at the [1] project. It's a simpler version of [2] that > always switches to read-only mode. > To use it, just have your connection pooler load the 'safesession' > module. This will keep the session in read-only mode until it ends. > There are no GUCs, and there is no way to change the mode, even for a > superuser. Does this seem safe enough? > > We could improve it by restricting manual calls to specific utility > operations, such as VACUUM or REINDEX. However, we would need some > specifications first. > It doesn't cover possibility to set GUC by set_config function Regards Pavel > [1] https://github.com/danolivo/safesession/ > [2] https://github.com/pierreforstmann/pg_readonly > > -- > regards, Andrei Lepikhov, > pgEdge > > > --0000000000007d3c30064d5bdeab Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

=C4=8Dt 19. 3. 2026 v=C2=A08:= 44 odes=C3=ADlatel Andrei Lepikhov <lepihov@gmail.com> napsal:
On 16/3/26 22:01, Andrei Lepikhov wrote:
> On 16/3/26 20:28, Jack Bonatakis wrote:
>> On Mon, Mar 16, 2026, at 2:08 PM, Andrei Lepikhov wrote:
>>> I believe the pg_readonly [1] extension does what you're l= ooking for, so
>>> you might want to give it a try.
>> Please correct me if I am mistaken, but it looks like pg_readonly =
>> operates at the database or cluster level.

Take a look at the [1] project. It's a simpler version of [2] that
always switches to read-only mode.
To use it, just have your connection pooler load the 'safesession' =
module. This will keep the session in read-only mode until it ends.
There are no GUCs, and there is no way to change the mode, even for a
superuser. Does this seem safe enough?

We could improve it by restricting manual calls to specific utility
operations, such as VACUUM or REINDEX. However, we would need some
specifications first.

It doesn't=C2= =A0cover=C2=A0 possibility to set GUC by set_config function

=
Regards

Pavel


[1] https://github.com/danolivo/safesession/
[2] https://github.com/pierreforstmann/pg_readonly=

--
regards, Andrei Lepikhov,
pgEdge


--0000000000007d3c30064d5bdeab--