On 04/20/2018 04:03 PM, Andrew Gierth wrote:
>>>>>> "Chapman" == Chapman Flack <chap@anastigmatix.net> writes:
> Chapman> It seemed to me at the time to be not hard to implement, even
> Chapman> just as an extension for proof of concept. One small obstacle
> Chapman> is that the check hook on a variable doesn't get called during
> Chapman> attempted RESET, so the only way to block a prohibited RESET
> Chapman> would have to be from an assign hook, which isn't expected to
> Chapman> fail. It could surely throw an error, but which would mess up
> Chapman> the whole RESET, but might be tolerable.
>
> Assign hooks aren't allowed to throw errors under any circumstance
> because they're called during transaction abort, and throwing an error
> during abort is obviously not tolerable.
Ah yes, now you remind me, that was why I had put my extension idea
on the table at the time.
It seems as if, for any of these ideas (cookie-protection of GUCs
or just SET READONLY for GUCs), at least some small patch to core
will be prerequisite, to allow either a flag or a reset check hook
able to make RESET skip protected GUCs.
-Chap