Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.databases.postgresql > #472

Re: in general for security do you use stored procs only?

From Robert Klemme <shortcutter@googlemail.com>
Newsgroups comp.databases.postgresql
Subject Re: in general for security do you use stored procs only?
Date 2013-06-20 19:21 +0200
Message-ID <b2gs1lFdgc8U1@mid.individual.net> (permalink)
References <aef2b761-9572-4f4f-937c-054caf4855d5@googlegroups.com> <a6f2a2f9-8ee5-4b29-8d5d-95c5c9c6cd58@googlegroups.com> <ec355e93-2f7d-46f4-bb4b-0754f5b88289@googlegroups.com>

Show all headers | View raw

On 20.06.2013 00:26, johannes falcone wrote:
> like someone logs in as the web app, and does select * from *
> sweeping through that entire database for all info?

And stored procedures help exactly how to prevent that?  You probably 
rather want to look up "SQL injection" with your favorite duckduckgo.

Cheers

	robert


-- 
remember.guy do |as, often| as.you_can - without end
http://blog.rubybestpractices.com/

Back to comp.databases.postgresql | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

in general for security do you use stored procs only? johannes falcone <visphatesjava@gmail.com> - 2013-06-18 12:03 -0700
  Re: in general for security do you use stored procs only? Robert Klemme <shortcutter@googlemail.com> - 2013-06-19 06:31 -0700
    Re: in general for security do you use stored procs only? johannes falcone <visphatesjava@gmail.com> - 2013-06-19 15:26 -0700
      Re: in general for security do you use stored procs only? Robert Klemme <shortcutter@googlemail.com> - 2013-06-20 19:21 +0200
        Re: in general for security do you use stored procs only? johannes falcone <visphatesjava@gmail.com> - 2013-08-11 20:45 -0700

csiph-web