executing user-defined functions

Started by Wade D. Oberpriller over 25 years ago, 3 messages, general
#1 Wade D. Oberpriller
oberpwd@anubis.network.com

Hello all,

I was wondering if PostgreSQL protects itself when executing user-defined
functions? Or does it go under the assumption that all user-defined functions
will NOT crash (if they do you have a serious problem and need to fix the
function)?

We are building an app where we want 3rd parties to be able to give us their
data, and give us functions to check their data. We will insert the data into
our database and run their functions when needed. However we don't want their
functions to take down our system.

Is this possible with PostgreSQL?

Wade Oberpriller
StorageTek
oberpwd@network.com

#2 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Wade D. Oberpriller (#1)
Re: executing user-defined functions

oberpwd@anubis.network.com (Wade D. Oberpriller) writes:

> I was wondering if PostgreSQL protects itself when executing user-defined
> functions?

User-written functions coded in C are insecure by definition; it's up
to you to get them right. The other available programming languages
are considerably safer.

> We are building an app where we want 3rd parties to be able to give us their
> data, and give us functions to check their data. We will insert the data into
> our database and run their functions when needed. However we don't want their
> functions to take down our system.

Don't accept C functions then...

regards, tom lane

#3 Jan Wieck
JanWieck@Yahoo.com
In reply to: Wade D. Oberpriller (#1)
Re: executing user-defined functions

Wade D. Oberpriller wrote:

> Hello all,
>
> I was wondering if PostgreSQL protects itself when executing user-defined
> functions? Or does it go under the assumption that all user-defined functions
> will NOT crash (if they do you have a serious problem and need to fix the
> function)?
>
> We are building an app where we want 3rd parties to be able to give us their
> data, and give us functions to check their data. We will insert the data into
> our database and run their functions when needed. However we don't want their
> functions to take down our system.
>
> Is this possible with PostgreSQL?

PostgreSQL does NOT protect itself in any way against user
defined functions written in C. They live in the same address
space as the backend, executing under the user ID of the
postgres superuser. So they not only can crash their own
backend, worst case they could possibly corrupt shared memory
data, thus corrupting the database and crashing other or
subsequent backends as well.

Insist on getting the code of the 3rd party functions and
check it carefully. Or require these functions being written
in a procedural language (PL/pgSQL, PL/Tcl or PL/perl).
Procedural languages are interpreted ones, so as long as the
language handler is safe, the backend is too.

Jan

--

#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #
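
The advice in the replies above, as an added example that is not part of the original thread: a third-party data check written in PL/pgSQL instead of C, followed by a catalog audit that lists every non-system function running as C code or through an untrusted language handler. The schema name thirdparty and the function check_reading are hypothetical; the catalog columns are those of current PostgreSQL releases.

```sql
-- Added example, not code from the thread.
-- "thirdparty" and "check_reading" are hypothetical names.

-- 1. A submitted check implemented in an interpreted procedural language.
--    It runs inside the PL/pgSQL handler rather than as native code
--    loaded into the backend's address space.
CREATE SCHEMA IF NOT EXISTS thirdparty;

CREATE OR REPLACE FUNCTION thirdparty.check_reading(val numeric)
RETURNS boolean
LANGUAGE plpgsql
IMMUTABLE
AS $$
BEGIN
    -- Reject NULLs and out-of-range values (constructed rule).
    RETURN val IS NOT NULL AND val BETWEEN 0 AND 1000;
END;
$$;

-- 2. Audit: functions outside the system schemas that are either
--    compiled C code or written in an untrusted procedural language.
--    Anything listed here needs the source review the thread asks for.
SELECT n.nspname                   AS schema_name,
       p.proname                   AS function_name,
       l.lanname                   AS language,
       l.lanpltrusted              AS trusted_handler,
       pg_get_userbyid(p.proowner) AS owner,
       p.probin                    AS shared_library
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND (l.lanname = 'c'                         -- native code in the backend
       OR (l.lanispl AND NOT l.lanpltrusted))  -- untrusted PL handler
ORDER BY schema_name, function_name;
```

C functions installed by extensions also appear in the audit output, so compare the result against the list of extensions you installed deliberately.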