SQL Feeds - All your SQL feeds in one place.

Tuesday, June 30, 2009

Looking for security vulnerabilities in database code

by kimberly.nospam@nospam.sqlskills.com (kltripp) via Kimberly L. Tripp on 6/30/2009 8:34:00 AM

I've always been concerned with security and I've always stressed the importance of auditing the REAL user context not just the current user (see this post on EXECUTE AS and auditing). So, I generally try to avoid using dynamic string execution and if necessary create well tested/protected parameters (fyi - using QUOTENAME can be a fantasic solution to protectng identifiers as input parameters but it can't protect more complex strings). Having said that, what if I'm looking a ...

[ read more ]

Subscribe

New Feed

Product Spotlight

Recently Updated Sources

Legal Note

The content of the postings is owned by the respective author. SQL Feeds is not responsible for the contents of the postings. This site is automatically generated and cannot be reviewed for abusive content. If you find abusive content on SQL Feeds, please contact us. Designated trademarks and brands are the property of their respective owners. All rights reserved.

Advertise with us