Re: Potential security risk associated with function call

From: Kirill Reshke <reshkekirill(at)gmail(dot)com>
To: Jet <zhangchenxi(at)halodbtech(dot)com>
Cc: Matthias van de Meent <boekewurm+postgres(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Potential security risk associated with function call
Date: 2026-03-10 12:39:28
Message-ID: CALdSSPj7yhwWu1PVZaHBNjiH0FZcwiLw8dv02zEMqS1f6KB7uQ@mail.gmail.com
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, 10 Mar 2026 at 17:27, Jet <zhangchenxi(at)halodbtech(dot)com> wrote:

> > It is the explicit responsibility of
> > the superuser to make sure the functions they create using untrusted
> > languages are correct and execute safely when called by PostgreSQL.
> But the question is how can a superuser know the "internal" and "c" functions
> implementation details? He will not know whether the code has !PG_ARGISNULL(...),
> and create a harmful function accidentally...

I think our global assumption is that superuser is super-wise and
knows everything

--
Best regards,
Kirill Reshke

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Jet 2026-03-10 12:44:46 Re: Potential security risk associated with function call
Previous Message David G. Johnston 2026-03-10 12:37:13 Re: Potential security risk associated with function call