Practice What You Preach
Posted Apr 3, 2006 15:50 UTC (Mon) by GreyWizard
In reply to: Mmmmhh
Parent article: SQL injection attacks
You reply to a comment about security through obscurity with an irrelevant analogy to shooting mosquitoes, and now you accuse me of not reading what I reply to? You rant and rave about the impossibility of perfect code, and now you tell me to calm down? Amusing. But your airy hand waving about "protecting features one doesn't need" still misses the point: using the dumbest database available would be a trade-off between security and functionality only if this were an effective substitute for plugging SQL injection holes in the application. As long as there are remote exploits the application cannot meet even the least demanding security requirements with any database.
This is really not so complicated. Practice what you preach, especially with regard to taking the time to think about it.