Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: SQL Injection Concern

Re: SQL Injection Concern

From: Mladen Gogala <mgogala_at_allegientsystems.com>
Date: Mon, 10 Jan 2005 11:49:22 -0500
Message-ID: <41E2B212.1070809@allegientsystems.com>


Goulet, Dick wrote:

>Jon,
>
> Yes that is a concern. In our case data that goes into a table
>is only data to be passed to the procedure, not part of an execute
>immediate.=20
>
>

Oracle 10g has regular expressions, which can reduce the likelihood of someone entering misformed SQL command and executing it on behalf of the server.

-- 
Mladen Gogala
Oracle DBA
Ext. 121


--
http://www.freelists.org/webpage/oracle-l
Received on Mon Jan 10 2005 - 10:50:12 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US