Skip site navigation (1) Skip section navigation (2)

Re: Protection from SQL injection

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Thomas Mueller <thomas(dot)tom(dot)mueller(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Protection from SQL injection
Date: 2008-04-28 19:17:35
Message-ID: 20080428191735.GC29912@tamriel.snowman.net (view raw or flat)
Thread:
Lists: pgsql-hackers
* Thomas Mueller (thomas(dot)tom(dot)mueller(at)gmail(dot)com) wrote:
> As you know, "SQL injection" is the main security problem of databases today.

I think there's a fallacy there- it's the main security problem of
applications (particularly those on the web) today.  It hasn't got much
at all to do with the database's security.

Also, hasn't this been discussed to death already?

	Stephen

In response to

pgsql-hackers by date

Next:From: Alvaro HerreraDate: 2008-04-28 20:25:03
Subject: Re: [HACKERS] Removing typename from A_Const (was: Emptyarrays with ARRAY[])
Previous:From: Josh BerkusDate: 2008-04-28 19:09:29
Subject: Re: Protection from SQL injection

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group