Home > mailing lists

Re: Running untrusted sql safely? - Mailing list pgsql-general

From	Stuart McGraw
Subject	Re: Running untrusted sql safely?
Date	February 15, 2009 21:09:41
Msg-id	49989297.5070007@frii.com Whole thread Raw
In response to	Re: Running untrusted sql safely? (John R Pierce <pierce@hogranch.com>)
Responses	Re: Running untrusted sql safely?
List	pgsql-general

Tree view

John R Pierce wrote:
> Stuart McGraw wrote:
>> What is the best way to run an arbitrary
>> query received from an untrusted source,
>> safely?
>>
>> (I want a web page form with a textbox that
>> a user can enter an arbitrary sql statement,
>> then run it .....
>
> just keep http://xkcd.com/327/ in mind.

Yes, exactly what I would like some advice
on avoiding! :-)

pgsql-general by date:

From: "Bob Pawley"
Date: 15 February 2009, 21:04:52
Subject: Re: Attempting to connect

From: Adrian Klaver
Date: 15 February 2009, 21:19:15
Subject: Re: Attempting to connect

Re: Running untrusted sql safely? - Mailing list pgsql-general

Previous

Next