On Sun, Oct 8, 2017 at 3:34 PM, Joe Conway <
mail@joeconway.com> wrote:
>
> On 10/06/2017 12:52 AM, Magnus Hagander wrote:
> > It would be a nice feature to have in general, like a "basic guc
> > permissions" thing. At least allowing a superuser to prevent exactly
> > this. You could argue the same thing for example for memory parameters
> > and such. We have no permissions at all when it comes to userset gucs
> > today -- and of course, if something should be added about this, it
> > should be done in a way that works for all the userset variables, not
> > just search_path.
>
> +1
>
> I have wished for exactly that more than once before.
>
+1
I have a multi-user and schema database with some user restrictions because it's a shared environment (i.e: statement_timeout, lock_timeout). But some "smart" users change to the GUC default and sometimes we suffer with it. Would be nice to have some kind of guc permissions.