Browse by Tags

• General Security
• sql injection
• SQL Server Execution Context
• SQL Server Signatures

Dynamic SQL and digital signatures in SQL Server 2005

As I already mentioned, dynamic SQL is a quite powerful, but also quite dangerous. In SQL Server 2005 we introduced a new feature that is also quite powerful and when used properly can be quite useful; but it is important to learn and understand any such Read More...

Posted 09 May 07 11:42 by raulga | 5 Comments   
Filed under SQL Server Execution Context, SQL Server Signatures, General Security, Dynamic SQL, sql injection

Dynamic SQL & SQL injection

I know there are a lot of papers that talk about dynamic SQL in more depth than what I am going to cover, but as SQL injection is still one of the biggest security problems in the relation databases world, that I decided to include this part as a quick Read More...

Posted 04 January 07 03:53 by raulga | 8 Comments   
Filed under Dynamic SQL, sql injection

Let's talk about Dynamic SQL (preamble)

I want to talk about how dynamic SQL is affected by the execution context, but as this is a huge and broad topic I am going to divide this topic into multiple parts and write different posts for each one of them, focusing in one aspect of dynamic SQL Read More...

Posted 04 January 07 03:46 by raulga | 1 Comments   
Filed under Dynamic SQL

Search

This Blog

• Home

Tags

• Dynamic SQL
• General Security
• sql injection
• SQL Server Encryption
• SQL Server Execution Context
• SQL Server Signatures

Archives

• November 2007 (1)
• July 2007 (2)
• May 2007 (2)
• January 2007 (2)
• October 2006 (1)
• July 2006 (1)
• May 2006 (1)
• March 2006 (1)

Syndication

• RSS 2.0
• Atom 1.0