Re: SQL Injection Concern

• From: Mladen Gogala <mgogala@xxxxxxxxxxxxxxxxxxxx>
• To: DGoulet@xxxxxxxx
• Date: Mon, 10 Jan 2005 11:49:22 -0500

Goulet, Dick wrote:

>Jon,
>
>       Yes that is a concern.  In our case data that goes into a table
>is only data to be passed to the procedure, not part of an execute
>immediate.=20
>  
>
Oracle 10g has regular expressions, which can reduce the likelihood
of someone entering misformed SQL command and executing it on behalf of the
server.

-- 
Mladen Gogala
Oracle DBA
Ext. 121


--
//www.freelists.org/webpage/oracle-l

• References:
  • RE: SQL Injection Concern
    • From: Goulet, Dick

Other related posts:

• » SQL Injection Concern
• » RE: SQL Injection Concern
• » RE: SQL Injection Concern
• » Re: SQL Injection Concern
• » RE: SQL Injection Concern
• » RE: SQL Injection Concern
• » Re: SQL Injection Concern
• » RE: SQL Injection Concern
• » RE: SQL Injection Concern
• » Re: SQL Injection Concern
• » Re: SQL Injection Concern

1. Home
2. oracle-l
3. Archive
4. 01-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---