| From: | Glen Eustace <geustace(at)godzone(dot)net(dot)nz> |
|---|---|
| To: | Doug McNaught <doug(at)wireboard(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Embedded SQL vulnerability |
| Date: | 2001-09-01 02:13:23 |
| Message-ID: | 01090114132307.01171@agree-6 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Saturday 01 September 2001 12:26, Doug McNaught wrote:
>
> A patch did go in just recently, but didn't make it into 7.1.3.
>
> You can always do the escaping yourself--the patch just makes the
> escape call available in the library; it doesn't automatically fix
> your code.
Agreed, but if it were in a library that I am linking already, then I don't
need to either have a library of my own or add code to 'escape' to each
programme.
In the interim, I have simply added the code to mod_auth_pgsql
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Glen and Rosanne Eustace,
GodZone Internet Services, a division of AGRE Enterprises Ltd.,
P.O. Box 8020, Palmerston North, New Zealand 5301
Ph/Fax: +64 6 357 8168, Mob: +64 21 424 015
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martijn van Oosterhout | 2001-09-01 02:34:29 | Re: Problem with large select - PostgreSQL starts eating memory/disk |
| Previous Message | Alex Knight | 2001-09-01 01:46:55 | Re: PL/java? |