Wade D. Oberpriller wrote:
> Hello all,
>
> I was wondering if PostgreSQL protects itself when executing user-defined
> functions? Or does it go under the assumption that all user-defined functions
> will NOT crash (if they do you have a serious problem and need to fix the
> function)?
>
> We are building an app where we want 3rd parties to be able to give us their
> data, and give us functions to check their data. We will insert the data into
> our database and run their functions when needed. However we don't want their
> functions to take down our system.
>
> Is this possible with PostgreSQL?
PostgreSQL does NOT protect itself in any way against user
defined functions written in C. They live in the same address
space as the backend, executing under the user ID of the
postgres superuser. So they not only can crash their own
backend, worst case they could possibly corrupt shared memory
data, thus corrupting the database and crashing other or
subsequent backends as well.
Insist on getting the code of the 3rd party functions and
check it carefully. Or require these functions beeing written
in a procedural language (PL/pgSQL, PL/Tcl or PL/perl).
Procedural languages are interpreted ones, so as long as the
language handler is safe, the backend is too.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #