| From: | Dennis Gearon <gearond(at)sbcglobal(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | feature suggestion and return to pgsql-general :-) |
| Date: | 2009-04-24 04:53:19 |
| Message-ID: | 632529.70966.qm@web82107.mail.mud.yahoo.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi guys, I am back after a long time of doing other kinds of work. Don't know if anybody remembers me - not a biggee.
I am again working on a design of a web application for myself. Security seems MUCH more of an issue, EVERY day.
So I had these to suggestions/feature requests.
To prevent SQL injection, have either permissions-per-role, or DB wide, or DB instance configurable with defalaults and over ride configuration, blah blah, the following.
A flag/permission to allow ONLY prepared queries
A flag/permission to allow ONLY UDF/procedures.
These may be mutually exclusive?
But a way to set a database to absolutely be strongly sql injection proof.
Comments?
Dennis Gearon
Signature Warning
----------------
EARTH has a Right To Life
I agree with Bolivian President Evo Morales
# The right to life: "The right for no ecosystem to be eliminated by the irresponsible acts of human beings."
# The right of biosystems to regenerate themselves: "Development cannot be infinite. There's a limit on everything."
# The right to a clean life: "The right for Mother Earth to live without contamination, pollution. Fish and animals and trees have rights."
# The right to harmony and balance between everyone and everything: "We are all interdependent."
See the movie - 'Inconvenient Truth'
See the movie - 'Syriana'
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dhaval Shah | 2009-04-24 07:05:50 | Question regarding pam_pgsql [looking for a BSD License pam_pgsql] |
| Previous Message | Scott Marlowe | 2009-04-24 02:28:43 | Re: need help for PostgreSQL consistency check mechanism |