Re: Modifying SQL query for security?? What is your opinion?
Date: 1996/11/20
Message-ID: <32928131.3122_at_mljdag1.dev.japan.ml.com>#1/1
Sandor Laza wrote:
>
> Hi guys,
>
> I need some advice:
>
> I company prepared a security study for us in which they
> advised not to use trusted RDBMS systems (like trusted Oracle
> or Trusted Ingres), but develop an application which capture all the
> SQL querys sent to the server modify them according several security
> rules (for example extend the where clouse somehow) and pass the
> modified query to the RDBMS engine.
>
> Have you ever seen or heard about this kind of solution implemented?
> What do you think, it is feasible?
>
> My personal opinion is, that it can be implemented, but the
> implementation means at least the reimplementation of the SQL
> interpreter of the given RDBMS. Or not?
Mike Received on Wed Nov 20 1996 - 00:00:00 CET