This short tutorial should stop you from accidentally replacing your production database with an incorrectly ordered drush sql-sync command. Most website developers working to deadlines need to be protected from themselves! Try explaining to a client that their site of many years now contains dummy content.

Create a policy.drush.inc int the same directory that contains the site-aliases directory. This is probably $HOME/.drush. The code is real simple.

For a more in-depth look at drush policy files, there is an example policy.drush.inc in the example folder of your drush package.

<?php

/**
 * Implements drush_hook_COMMAND_validate.
 *
 * Prevent a catastrophic brain-fart -- only allow users to overwrite their
 * local database.
 */
function drush_policy_sql_sync_validate($source = NULL, $dest = NULL) {
    if (
        $dest == '@example.local' ||
        $dest == '@example2.local'||
        FALSE === strpos($dest, '@')) {
        return TRUE;
    }
    else {
        return drush_set_error(dt('You may only overwrite your local database -- check your source/destination order. It should be similar to "drush sql-sync @remote @local".'));
    }
}
?>

This should now check that the destination database is indeed your local database. As you can see, you can check multiple aliases with one drush policy file.