Hello,
I'd like to create tables based off user input, but I'm uncertain about the
security implications. Most of the raw text data consists of column and
table names, which will be restricted and validated to snake_case with no
special characters. I assume I'm okay there, but confirmation
On Sat, Apr 6, 2019 at 8:43 PM Zac Goldstein wrote:
>
> >they are severe.
> I thought this would likely be the case. Exposure to DoS attacks is
> interesting and something I hadn't thought of, so I'm glad you brought that
> up.
>
> I do have a parser already set up that I could use for this,
On Sat, Apr 6, 2019 at 6:56 PM Zac Goldstein wrote:
>
> Hello,
>
> I'd like to create tables based off user input, but I'm uncertain about the
> security implications.
they are severe.DDL is modification to the database schema
structure and requires a lot of privileges too, depending on
>they are severe.
I thought this would likely be the case. Exposure to DoS attacks is
interesting and something I hadn't thought of, so I'm glad you brought that
up.
I do have a parser already set up that I could use for this, but I was
hoping for something more foolproof. The other thought I
Ok, makes sense. Thanks for the help.
On Saturday, April 6, 2019 at 7:04:42 PM UTC-7, Mike Bayer wrote:
>
> On Sat, Apr 6, 2019 at 8:43 PM Zac Goldstein > wrote:
> >
> > >they are severe.
> > I thought this would likely be the case. Exposure to DoS attacks is
> interesting and something I