On Tuesday, March 10, 2026, Jet <[email protected]> wrote: > > > It is the explicit responsibility of > > the superuser to make sure the functions they create using untrusted > > languages are correct and execute safely when called by PostgreSQL. > But the question is how can a superuser know the "internal" and "c" > functions > implementation details? He will not know whether the code has > !PG_ARGISNULL(...), > and create a harmful function accidentally...
You describe the fundamental problem/risk of the entire software industry. At least PostgreSQL has chosen a business model where the superuser has the option to read the source code. David J.
