
DBLoad, any potential security issues?  Possible SQL injection?

JohnFlyTN@gmail.com - 23 Jan 2008 19:51 GMT
Is there any potential (security) risk to loading data with dbload?

Example:

unchecked delimited text input -> dbload command file

command file simply

FILE data.txt DELIMITER '|' 3;

INSERT INTO test
(
       text1,
       text2,
       text3
)
VALUES (f01,f02,f03);

What (if any) risks are there here?  Is there any way for a malicious
user to embed SQL commands inside the delimited text input?
Art S. Kagel (Oninit LLC) - 23 Jan 2008 19:57 GMT
> Is there any potential (security) risk to loading data with dbload?
>
[quoted text clipped - 17 lines]
> user to embed SQL commands inside the delimited text input?
>  

They can embed anything that they want, it's just text data and it will
simply be inserted into the table, not executed.  There are no known
security problems with dbload.  It's a venerable and reliable tool.

Art S. Kagel
Oninit
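
The "inserted as text, not executed" behaviour from the reply above, illustrated with a stand-in loader. This is an added example, not part of the original thread and not dbload's code. Assumptions: Python's sqlite3 stands in for Informix, the sample lines are constructed, and parse_line/load/demo are hypothetical names with no handling of escaped delimiters.

```python
import sqlite3

# Constructed sample of the '|'-delimited input from the question.
# Line 2 carries SQL text in its first field; line 3 has too few fields.
SAMPLE = (
    "alpha|beta|gamma\n"
    "x'); DROP TABLE test; --|b|c\n"
    "only|two\n"
)

def parse_line(line, delimiter="|", nfields=3):
    """Split one record; return None when the field count is not nfields."""
    fields = line.rstrip("\n").split(delimiter)
    return fields if len(fields) == nfields else None

def load(conn, text):
    """Insert each valid record with bound parameters.

    Returns (rows_loaded, rejected_line_numbers).
    """
    loaded, rejected = 0, []
    for lineno, line in enumerate(text.splitlines(), start=1):
        fields = parse_line(line)
        if fields is None:
            rejected.append(lineno)
            continue
        # Placeholders keep field content out of the SQL statement text,
        # so quotes and keywords in the data are stored, never parsed as SQL.
        conn.execute(
            "INSERT INTO test (text1, text2, text3) VALUES (?, ?, ?)", fields
        )
        loaded += 1
    conn.commit()
    return loaded, rejected

def demo():
    """Load SAMPLE into an in-memory table and return what ended up stored."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE test (text1 TEXT, text2 TEXT, text3 TEXT)")
    loaded, rejected = load(conn, SAMPLE)
    rows = conn.execute(
        "SELECT text1, text2, text3 FROM test ORDER BY rowid"
    ).fetchall()
    return loaded, rejected, rows

if __name__ == "__main__":
    print(demo())
```

The second sample line ends up stored verbatim in text1 and the table is still there afterwards; the malformed third line is reported by line number instead of being loaded.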
