I'm not quite clear what the goal of allow_system_table_mods is. Obviously, it's extremely dangerous to target catalogs with DDL. But at the same time we allow DML to catalog tables without any sort of restriction.
I also don't understand what's achieved by having allow_system_table_mods be PGC_POSTMASTER. If anything it seems to make it more likely to resort to a) leaving it enabled all the time or b) using DML to modify catalogs.
Wouldn't it be more sensible to disallow all catalog modifications unless allow_system_table_mods was enabled, and make allow_system_table_mods PGC_SUSET and GUC_DISALLOW_IN_FILE?
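The asymmetry the message above complains about can be seen directly from psql. The following is an added illustration, not part of the original message and not PostgreSQL project code; it assumes a superuser session on a throwaway database where allow_system_table_mods is at its default of off, and the ERROR text in the comment is the server's message for that case. The context column returned from pg_settings is whatever the running server reports, so the example does not assert a value for it.

```sql
-- Added example (not from the original post). Run as a superuser on a
-- scratch database with allow_system_table_mods left at its default.

-- Current value of the GUC and the context in which it may be set.
SHOW allow_system_table_mods;                       -- off
SELECT name, setting, context
FROM pg_settings
WHERE name = 'allow_system_table_mods';

-- DDL aimed at a catalog is refused while the GUC is off:
ALTER TABLE pg_class ADD COLUMN scratch int;
-- ERROR:  permission denied: "pg_class" is a system catalog

-- DML aimed at the same catalog is not gated by the GUC at all; the
-- superuser check is the only thing in the way. A no-op update inside a
-- transaction that is rolled back shows that the statement is accepted:
BEGIN;
UPDATE pg_class SET reltuples = reltuples WHERE relname = 'pg_class';
ROLLBACK;
```

From a defender's point of view the interesting part is the last block: because catalog DML is not covered by allow_system_table_mods, a superuser-level change to pg_class, pg_proc or pg_authid leaves no GUC trace, so statement logging (log_statement = 'mod' or 'all') or an audit extension is the only place such writes become visible.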