MariaDB (and MySQL) supports setting max_statement_time (see https://mariadb.com/kb/en/aborting-statements/) to limit how long a query can run for. For known slow read queries (only SELECT), this would be useful in addition to the automated query killer to limit runtime to <= 60 seconds.
This could be seen as somewhat analogous to the wall clock limit we have for shell commands. I did not look to see whether Postgres/SQLite also support similar features, but I think that's fine initially as this is an optional/platform-dependent hardening measure (again, like how we limit shell commands).