Re: vulnerability of COPY command
| От | Pavel Stehule |
|---|---|
| Тема | Re: vulnerability of COPY command |
| Дата | |
| Msg-id | AANLkTilQph5jxTPZa4kc3BudysWvmRPlj7ANFLBX5rJc@mail.gmail.com обсуждение исходный текст |
| Ответ на | vulnerability of COPY command (Dennis Gearon <gearond@sbcglobal.net>) |
| Ответы |
Re: vulnerability of COPY command
|
| Список | pgsql-general |
Hello 2010/5/30 Dennis Gearon <gearond@sbcglobal.net>: > I'm trying to build a way to bulk load from a script to a Dbase, postgres. > > Using single, parameterized statements is a pretty good defense against SQL injection, so I use Symfony as the main userinput. > > But for this bulk loading, it's tooooooo slow. Maybe you have enabled autocomit - then it can be very very slow. > > If I build a text based, COPY file for bulk purposes, to be input via the command line, is Postgres vulnerable to SQL injectionfrom that? SQL database cannot be injected via NON SQL statemenst like COPY. Regards Pavel Stehule > > > Dennis Gearon > > Signature Warning > ---------------- > EARTH has a Right To Life, > otherwise we all die. > > Read 'Hot, Flat, and Crowded' > Laugh at http://www.yert.com/film.php > > -- > Sent via pgsql-general mailing list (pgsql-general@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general >
В списке pgsql-general по дате отправления: