On Sat, 2003-07-26 at 21:31, Gavin Sherry wrote:
> > > - Read only transactions, bringing a greater level of security to web and
> > > enterprise applications by protecting data from modification.
>
> This should be removed. Even though I added it to the press release, I've
> just realised it's not really a security measure against SQL injection
> since injected code can just specify 'SET TRANSACTION READ WRITE'. We
> should still mention it, but not as a security measure.
>
Aside from spec compliance, whats the bonus for having it then? Or put a
better way, why/when would I want to use this?
Robert Treat
--
Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL