
Commit 87cecf6

Emphasize read-only mode for security, closes #95
1 parent f994437 commit 87cecf6

2 files changed, +6 -0 lines changed

docs/security.md

Lines changed: 4 additions & 0 deletions
@@ -2,6 +2,10 @@
22

33
Allowing people to execute their own SQL directly against your database is risky business!
44

5+
The safest way to use this tool is to create a read-only replica of your PostgreSQL database with a read-only role that enforces a statement time-limit for executed queries. Different database providers have different mechanisms for doing this - consult your hosting provider's documentation.
6+
7+
You should only provide access to this tool to people you trust. Malicious users may be able to negatively affect the performance of your servers through constructing SQL queries that deliberately consume large amounts of resources.
8+
59
Configured correctly, Django SQL Dashboard uses a number of measures to keep your data and your database server safe:
610

711
- I strongly recommend creating a dedicated PostgreSQL role for accessing your database with read-only permissions granted to an allow-list of tables. PostgreSQL has extremely robust, well tested permissions which this tool can take full advantage of.
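Review bot: the added paragraph beginning "The safest way to use this tool" describes the protection abstractly ("a read-only role that enforces a statement time-limit") and defers to the hosting provider, while the setup page touched by this same commit gives the grant as concrete SQL for `my-read-only-role`; the timeout deserves the same treatment, since it is the control that actually addresses the resource-consumption risk stated in the following added paragraph (a replica protects the primary, not the replica that is serving the dashboard). Suggest adding the one-line form for plain PostgreSQL, e.g. `ALTER ROLE "my-read-only-role" SET statement_timeout = '30s';` (standard PostgreSQL setting; the quotes are required because the role name contains hyphens), and keeping the provider note for managed services that expose the setting elsewhere.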

docs/setup.md

Lines changed: 2 additions & 0 deletions
@@ -24,6 +24,8 @@ urlpatterns = [
2424

2525
## Setting up read-only PostgreSQL credentials
2626

27+
The safest way to use this tool is against a dedicated read-only replica of your database - see [security](./security) for more details.
28+
2729
Create a new PostgreSQL user or role that is limited to read-only SELECT access to a specific list of tables.
2830

2931
If your read-only role is called `my-read-only-role`, you can grant access using the following SQL (executed as a privileged user):
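Review bot: the link target `./security` in the added sentence has no extension, so it relies on the documentation build resolving extension-less links; when docs/setup.md is read as plain markdown on GitHub it will not reach docs/security.md, so use `./security.md` if that view matters. Also, the sentence mentions only the read-only replica, whereas docs/security.md in this commit pairs the replica with a statement time-limit on the role; since this section is where the role is created and the grant SQL is given, a short mention of setting that timeout on the role here would keep the two pages consistent.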
