Re: [SECURITY] DoS attack on backend possible (was: Re:
From | Alvar Freude |
---|---|
Subject | Re: [SECURITY] DoS attack on backend possible (was: Re: |
Date | |
Msg-id | 2762930000.1029671721@gnarzelwicht.delirium-arts.de |
In reply to | Re: [SECURITY] DoS attack on backend possible (was: Re: (ngpg@grymmjack.com) |
Responses | Re: [SECURITY] DoS attack on backend possible |
List | pgsql-hackers |

Hi,

-- ngpg@grymmjack.com wrote:

> What about checking the input for backslash, quote,
> and double quote (\'")? If you are not taking care of those in input
> then crashing the backend is going to be the least of your worries.

With Perl and *using placeholders and bind values*, the application developer does not have to worry about this. So, usually I don't check the values in my applications (e.g. if only values between 1 and 5 are allowed and under normal circumstances only these are possible), it's the task of the database (check constraint).

Ciao

Alvar

--

** ODEM is nominated for the poldi Award! http://www.poldiaward.de/

** http://www.poldiaward.de/index.php?display=detail&cat=audi&item=24

** http://odem.org/

** More projects: http://alvar.a-blast.org/
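
The approach described in the message above, as an added example that is not part of the original mail: Perl DBI placeholders carry a value containing backslash, quote and double quote without any escaping by the application, and a check constraint rejects an out-of-range value. Assumptions: the `ratings` table and its columns are hypothetical, and an in-memory SQLite database (DBD::SQLite) stands in for PostgreSQL so the script runs offline.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: in-memory SQLite stands in for PostgreSQL so this runs offline;
# with DBD::Pg only the DSN and credentials change.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

# Hypothetical table: the database, not the application, enforces 1..5.
$dbh->do(q{
    CREATE TABLE ratings (
        comment TEXT    NOT NULL,
        score   INTEGER NOT NULL CHECK (score BETWEEN 1 AND 5)
    )
});

# The SQL text is fixed; values travel separately as bind values.
my $ins = $dbh->prepare('INSERT INTO ratings (comment, score) VALUES (?, ?)');

# Constructed input with the characters named in the quoted mail: \ ' "
my $tricky = q{It's a "test" with a \\ backslash};
$ins->execute($tricky, 3);

# The value comes back byte for byte, with no escaping done by the application.
my ($stored) = $dbh->selectrow_array(
    'SELECT comment FROM ratings WHERE score = ?', undef, 3);
print "round trip intact: ", ($stored eq $tricky ? "yes" : "no"), "\n";

# Out-of-range score: the driver passes it through and the CHECK rejects it.
# RaiseError turns the failure into an exception the caller must handle.
my $ok = eval { $ins->execute('out of range', 9); 1 };
print "score 9 accepted: ", ($ok ? "yes" : "no"), "\n";
print "database said: $@" unless $ok;

my ($rows) = $dbh->selectrow_array('SELECT COUNT(*) FROM ratings');
print "rows stored: $rows\n";

$dbh->disconnect;
```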