Home > mailing lists

vulnerability of COPY command - Mailing list pgsql-general

From	Dennis Gearon
Subject	vulnerability of COPY command
Date	May 30, 2010 05:41:16
Msg-id	404285.73527.qm@web82101.mail.mud.yahoo.com Whole thread Raw
Responses	Re: vulnerability of COPY command (Pavel Stehule <pavel.stehule@gmail.com>) Re: vulnerability of COPY command (Martin Gainty <mgainty@hotmail.com>)
List	pgsql-general

Tree view

I'm trying to build a way to bulk load from a script to a Dbase, postgres.

Using single, parameterized statements is a pretty good defense against SQL injection, so I use Symfony as the main
userinput. 

But for this bulk loading, it's tooooooo slow.

If I build a text based, COPY file for bulk purposes, to be input via the command line, is Postgres vulnerable to SQL
injectionfrom that? 


Dennis Gearon

Signature Warning
----------------
EARTH has a Right To Life,
  otherwise we all die.

Read 'Hot, Flat, and Crowded'
Laugh at http://www.yert.com/film.php

pgsql-general by date:

From: Scott Marlowe
Date: 30 May 2010, 03:55:00
Subject: Re: [GENERAL] Re: [GENERAL] hi，for help!

From: Pavel Stehule
Date: 30 May 2010, 07:19:51
Subject: Re: vulnerability of COPY command

vulnerability of COPY command - Mailing list pgsql-general

Previous

Next