[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] Commas

From: Horst Herb
Subject: Re: [Gnumed-devel] Commas
Date: Thu, 26 Jun 2003 16:55:19 +1000
User-agent: KMail/1.5.2

On Thu, 26 Jun 2003 16:30, Karsten Hilbert wrote:
> There's also a few other "malicious" things that need to be quoted
> that would form the basis of an SQL injection attack: " '); delete
> * from ...;" added to some value.

Why worry about that?
We cannot prevent the user from executing arbitrary SQL comands anyway.
The backend catches such changes in the audit trail.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]