Home > mailing lists

Re: Protection from SQL injection - Mailing list pgsql-hackers

From	Florian Weimer
Subject	Re: Protection from SQL injection
Date	May 4, 2008 17:38:55
Msg-id	87y76qufyy.fsf@mid.deneb.enyo.de Whole thread Raw
In response to	Protection from SQL injection ("Thomas Mueller" <thomas.tom.mueller@gmail.com>)
List	pgsql-hackers

Tree view

* Thomas Mueller:

> What do you think about it? Do you think it makes sense to implement
> this security feature in PostgreSQL as well?

Can't this be implemented in the client library, or a wrapper around it?
A simple approximation would be to raise an error when you encounter a
query string that isn't contained in some special configuration file.

pgsql-hackers by date:

From: Tom Lane
Date: 04 May 2008, 17:29:43
Subject: Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS

From: Andrew Dunstan
Date: 04 May 2008, 17:55:46
Subject: Re: Patch for Prevent pg_dump/pg_restore from being affected by statement_timeout

Re: Protection from SQL injection - Mailing list pgsql-hackers

Previous

Next