![]() SQL database system |
Summary of security issues
Untrusted users should not be allowed to enter SQL commands directly,
except perhaps where your database is set to
read-only
CREATE STREAM
issues shell commands. If you build these shell commands on the fly
using user input, any shell metacharacters should be filtered
out of the user input to prevent hack attempts.
|
![]() Copyright Steve Grubb |