From: Tarus B. <ta...@op...> - 2009-08-20 15:19:46
|
On Aug 18, 2009, at 7:25 PM, DJ Gregor wrote: > Lastly, we might want to make a parameterization-friendly version of > Querier to make it easier to upgrade old SQL queries in an SQL > injection-resistant manner. Great idea. While there should be little danger to a network posed by owning an OpenNMS server, the latest arrest on the 130 million credit card number scheme showed that SQL injections are a) pretty common and b) pretty powerful. We want to avoid them, of course. -T _______________________________________________________________________ Tarus Balog, OpenNMS Maintainer Main: +1 919 533 0160 The OpenNMS Group, Inc. Fax: +1 773 345 3645 Email: ta...@op... URL: http://www.opennms.org PGP Key Fingerprint: 8945 8521 9771 FEC9 5481 512B FECA 11D2 FD82 B45C |