oberpwd@anubis.network.com (Wade D. Oberpriller) writes:
> I was wondering if PostgreSQL protects itself when executing user-defined
> functions?
User-written functions coded in C are insecure by definition; it's up
to you to get them right. The other available programming languages
are considerably safer.
> We are building an app where we want 3rd parties to be able to give us their
> data, and give us functions to check their data. We will insert the data into
> our database and run their functions when needed. However we don't want their
> functions to take down our system.
Don't accept C functions then...
regards, tom lane