In T151158, we plan to make public ToolsDB databases (the ones with a name ending in _p) queryable from Quarry. For this, Quarry needs a db user in which any write access to tools databases are explicitly denied.
s52788 is the existing user for querying replicas – maybe we could use the same after adjusting its permissions.