Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: SQL Injection Concern

Re: SQL Injection Concern

From: Mladen Gogala <mgogala_at_allegientsystems.com>
Date: Mon, 10 Jan 2005 11:49:22 -0500
Message-ID: <41E2B212.1070809@allegientsystems.com> 





Goulet, Dick wrote:



>Jon,

>

>	Yes that is a concern.  In our case data that goes into a table

>is only data to be passed to the procedure, not part of an execute

>immediate.=20

>  

>



Oracle 10g has regular expressions, which can reduce the likelihood
of someone entering misformed SQL command and executing it on behalf of the
server.


-- 
Mladen Gogala
Oracle DBA
Ext. 121


--
http://www.freelists.org/webpage/oracle-l


Received on Mon Jan 10 2005 - 10:50:12 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US