Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w4bIt-002Lz0-0d
	for pgsql-hackers@arkaria.postgresql.org;
	Mon, 23 Mar 2026 09:10:32 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w4bIr-00Gb2y-1a
	for pgsql-hackers@arkaria.postgresql.org;
	Mon, 23 Mar 2026 09:10:29 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <me@jeltef.nl>)
	id 1w4bIr-00Gb2q-0c
	for pgsql-hackers@lists.postgresql.org;
	Mon, 23 Mar 2026 09:10:29 +0000
Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <me@jeltef.nl>)
	id 1w4bIp-00000000bAb-2Rl2
	for pgsql-hackers@postgresql.org;
	Mon, 23 Mar 2026 09:10:28 +0000
Received: by mail-lf1-x136.google.com with SMTP id
 2adb3069b0e04-5a27daa652fso3789319e87.0
        for <pgsql-hackers@postgresql.org>;
 Mon, 23 Mar 2026 02:10:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1774257026; cv=none;
        d=google.com; s=arc-20240605;
        b=JuAyUOvgJ1PXXMxSoJKrPM0pGJVqjGSs8vl+XTcKJwbE7C87uurYOwbCMrW5gzvXrC
         h3TBpDWLPUCS+nbPZutvfR+xTU47wytXeqtyI8E0Chv9J5pdDwJhFqvEVKo3pHeY1JNe
         dB64ZrAtYkHliGIaMG2NU52KW2eU/LaRhBmBkqXo+wJYatJez1nJyw20bHz87YFA5VqC
         URV8sARP2Ry9ib7UFGV6ojAYuRclCCnzl2Jfgs/SDOf9aMS2K6IO32ZCR57cqP2KWL1U
         oB5s6S5Ry0FVn12C4rxhL3NRcIL36d4i/fFqCUI9c3cuNPlD2EnSGKRfmdox8iHHfMIB
         tQ4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=WKz32QO6YWkaDXmr+wVhlimGY7z3e4vC0BSireU2UO4=;
        fh=48dQJdz+xQg3WwdEjI8QRPlTYuw6OIXT7tBKNzMfUmM=;
        b=KCzsXiNDHb0uUN2u/J7GA8mOTsjohm+Rv35GG5f+b266SqfWFaM5fagOrwc5n1Mcuk
         yHpyDX2xkxzQ2P/Z8BEZ5LzInRo4c/cV9JnQqtm+lM03YLt45ChGinC46phF0MBrPRxQ
         vcJWYwrEtBa1wwMVYL//SjZZaNwUe5dEtuwhPgfQFXx9cJakVXVEAZhyPINYEOVTmrjm
         V3k2WjaxD/l2Wtk3PKJRb3sO+2R9dJJj1bEi6bbfCfLOiOxZCPnp8H05IAbs5AWazLPI
         +P5QRNDh+QvnRaPsJil2PNdcktGEjNOTd544Y9EA/M3LGf5ys0RVFFmNlySkI4941G2U
         VLKg==;
        darn=postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=jeltef.nl; s=google; t=1774257026; x=1774861826;
 darn=postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=WKz32QO6YWkaDXmr+wVhlimGY7z3e4vC0BSireU2UO4=;
        b=Y9q26utm5+ypGYO5JaMfXZ61AxwRkwjwuZbdgUCKEipAlhDdcmghIYeG18SniqZE02
         439KtXdgPBtOsQKD5Q1WELphzwhxT2Xtq0GIutVzUmCzNygJeCARcEfwtU7kTfa4PZC5
         kvGLhobwOE8F9B9VhU/w4Q+IdMIYCxV15kJa/NBDeTCr3Sn3/uEBo6ST7YzbuAalAq1a
         WrXi/lR2mAXtYx9EgFaTkAHMu09YchA+CcC1Ul4N1yrUdhyJKabIwFP5qwkVKSflSVHW
         2fBrrWQ4hI7ngj9Uy2sRGcd7pCR2gDkITtgSsmZ8ybgKe4LH3uxJPmS+Xj2E6hCer6de
         3tkA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1774257026; x=1774861826;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=WKz32QO6YWkaDXmr+wVhlimGY7z3e4vC0BSireU2UO4=;
        b=n1uyrq9uKL/XE5ceTeSLnELN4yDjXOn8xDrmZUfEWu/PF7A06dpQhvO1RtuaKhyIcR
         uT+7ZHsduWGm+nDTLeHqyvbhacXGQYPujXc8zb56vbdFCm6/hak9pe6AV5IN5zRxwZ66
         PyHCxLX5CFeyZ3qaJww3uVdH361MbDw0P1PfhSW6Qsaw8sYVsGY1k3Cc1QSrQlLyV3F7
         zc+x86WR0pYTGv9U2gtyw7+ZmKT7mXsDGOKN95uMpDtSCs/Ti6A0pLgNbJku3YT89WCN
         cJpsB8b10klN+R+WB/lWqcA6JeBttOZCvrSXgvZIj6sIBq1Fya87y4iFwApRiPv1MO9v
         AT+A==
X-Forwarded-Encrypted: i=1;
 AJvYcCUVZRvvniX6uCtaZsPflnaQyJtvCEED58KaQNkB2Fn4FjOL6MWhkeb/JE1F5m53CSDHP5yOHkxO7KjBEelb@postgresql.org
X-Gm-Message-State: AOJu0Yzb82Rue64nzD3PYL+6JK90mNsKt6gPRaE/Wp1GzdatgcmEpQQL
	OO0bLl7aQydrRJmmt/lmplRUU29l3Adhy3bSsHkmiX9axhYSqsL2ub3ZahvZpkchcaYmp9jh+sl
	NuRwwpTVLbPa+krORF8INyXUUNSpBx2oLr3HJrgaxzg==
X-Gm-Gg: ATEYQzz4hqd/TBjL6bBO0OOCDfbQR3Wm5I+Zxj8ZxA0X1UwA878WbjUcvH/xkh5Yt0O
	7Y8p+lgCmzrml/bS7N9RMVJnsFM2Sqz4siS2RbagQ20rUsimPmljigLeJOVDuJjpUIVDxEoH3IU
	VwgegOMAoo10iL05bHVNpn1dYWO1TfmECTsudy6jMagUiubuFPYPa7AjotV0U/k66tOkwMuTDJ4
	8zANwaIoBN8kEFhNoWTXjo0dksfPMnNg/ZWE8O2YpoMDaM2TrDieEtciKL9LmDDkdihgaGy0Yas
	cPGjw9W+bMeglFBZLaY=
X-Received: by 2002:a05:6512:3096:b0:5a2:7a4f:bd1e with SMTP id
 2adb3069b0e04-5a285b7c78fmr4218405e87.45.1774257025647; Mon, 23 Mar 2026
 02:10:25 -0700 (PDT)
MIME-Version: 1.0
References: 
 <CADsUR0B9bcJQKYHyUMnWcODGzF5+AdeToawULkkTKfrq32Z-8w@mail.gmail.com>
 <64f1c69a-ceff-4b17-8298-58f255d075fc@gmail.com>
 <dde00623-b8e0-421b-a3f7-b149768894ef@app.fastmail.com>
 <fab6a5f3-df9f-4bd7-b2ac-434a17303547@gmail.com>
 <7f6e0ff9-05e9-4664-9c71-d9dd744362b9@gmail.com>
 <138cfd8c-b305-4303-9700-bc53ff4fb926@eisentraut.org>
 <CAKAnmmKgYqavU6xUPKgeOwOY0P9EycCmm339+PLaL5f4AQ9fNQ@mail.gmail.com>
In-Reply-To: 
 <CAKAnmmKgYqavU6xUPKgeOwOY0P9EycCmm339+PLaL5f4AQ9fNQ@mail.gmail.com>
From: Jelte Fennema-Nio <postgres@jeltef.nl>
Date: Mon, 23 Mar 2026 10:10:14 +0100
X-Gm-Features: AaiRm51Ofs_6yO6RHLGj-s4SzR_7OKwVs-7k6O3DweS86x-iK12gb-4Ja9AWD1k
Message-ID: 
 <CAGECzQSmRUw9qfpeJFApnhywH_FmLRCHKt4Gncn7zC-MDffchQ@mail.gmail.com>
Subject: Re: Read-only connection mode for AI workflows.
To: Greg Sabino Mullane <htamfids@gmail.com>
Cc: Peter Eisentraut <peter@eisentraut.org>,
 Andrei Lepikhov <lepihov@gmail.com>,
	Jack Bonatakis <jack@bonatak.is>,
 pgsql-hackers <pgsql-hackers@postgresql.org>,
	Bruce Momjian <bruce.momjian@enterprisedb.com>,
 Andres Freund <andres@anarazel.de>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAGECzQSmRUw9qfpeJFApnhywH_FmLRCHKt4Gncn7zC-MDffchQ%40mail.gmail.com>
Precedence: bulk

On Fri, 20 Mar 2026 at 13:33, Greg Sabino Mullane <htamfids@gmail.com> wrot=
e:
> I'm a +1 to the cluster-wide change, and a -1 to the per-connection idea =
that started this thread, because I still don't see the need for it when we=
 have an existing roles/permissions system that gets the job done. You want=
 your untrusted agent to read from your database? Create a specific role fo=
r that. If our existing per-role access controls are not sufficient, improv=
e them.

I think they are insufficient for two reasons:
1. Afaik there's no simple way to take an existing role and create a
new role from it that only has the read permissions of the original
role. Especially if you want those permissions to stay in sync between
the roles.
2. The user that would want to do this, often lacks the create role
permissions. So you effectively need admin access to the server to
downgrade your permissions to read only.

I think the best way to address this thread is to have a way to "lock"
settings down, like discussed in this thread[1]. Then a user could
simply run the sql to lock down the transaction_read_only and get a
read-only connection that it could give to the LLM.

[1]: https://www.postgresql.org/message-id/flat/CACA6kxh4MfRCHuY%2BuC2ZvXRQ=
UP63LqumNtxtLsDF-mJswAJR5w%40mail.gmail.com