| From: | Mat Arye <mat(at)tigerdata(dot)com> |
|---|---|
| To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Read-only connection mode for AI workflows. |
| Date: | 2025-08-07 16:46:47 |
| Message-ID: | CADsUR0B9bcJQKYHyUMnWcODGzF5+AdeToawULkkTKfrq32Z-8w@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi All,
A common desire for AI agents accessing the database is to have read-only
access for the agents. You can create special roles with explicit
assignment or use pg_read_all_data but this is cumbersome and not very
ergonomic. Often, people want to use an existing role but as part of a
connection that is marked "read-only". This can be done with
the transaction_read_only GUC, however the AI could unset that in all kinds
of clever ways by executing SQL commands.
For example, a popular MCP server (I am NOT affiliated with) goes through
all kinds of hoops to avoid this: https://github.com/crystaldba/postgres-mcp
It would be nice to force a connection into read-only mode. Connection
setup is usually not AI controlled while the SQL executed sometimes is.
That's why being able to control read-only mode on the connection level
would be useful.
I'd be happy to submit a patch if there is interest in this feature
(especially if I get some pointers to where people would like to see this
implemented).
Thanks,
Mat
TigerData
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jacob Champion | 2025-08-07 18:11:02 | Re: [PATCH] OAuth: fix performance bug with stuck multiplexer events |
| Previous Message | Aleksander Alekseev | 2025-08-07 16:36:24 | Re: VM corruption on standby |