On Tue, 2011-03-29 at 12:06 +0100, Nick Telford wrote:
> With regards to injection, I saw someone state "it's a red herring as
> it's a client concern". While this may be true, experience teaches us
> that pushing the responsibility to the client is dangerous due to the
> many implementations. At the very least, the possibility of injection
> attacks should be *considered*.
No, it's basically the point of this exercise to push as much as possible server-side.

> My suggestion as a means of heavily mitigating the damage of these
> attacks would be to only permit a single query at a time (i.e. remove
> the ';' token).

This is effectively the case. The parser is run exactly once for each request and is only capable of parsing exactly one statement (no less, no more). Terminating a query with ';' is allowed, but has no effect on this.

> Only trusted, administrative client applications (e.g. a GUI or
> console) should really permit issuing multiple queries like this. Such
> clients could decompose the queries into separate queries and issue
> them individually.

Easier still, because nothing has that ability. There is a very basic interactive interpreter bundled with the Python driver; it splits on ';' and issues individual requests.

-- 
Eric Evans
eev...@rackspace.com
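The two-sided design Eric describes (a server-side parser that accepts exactly one statement per request, tolerating a trailing ';', and a thin client-side console that splits a script on ';' and sends each piece as its own request) is illustrated below in Python. This is an added example written for this page, not Cassandra's CQL parser or the bundled Python driver; the function names, the `RejectedRequest` exception and the single-quote literal rule (a doubled `''` is an escaped quote) are assumptions made for the illustration. The point it shows is that a stacked-statement payload such as `'; DROP ...` never reaches a second statement on the server, because the server never accepts more than one.

```python
# Added example (not Cassandra/CQL code). Models "one statement per request":
# the server-side parser accepts exactly one statement, a trailing ';' is
# allowed but meaningless, and anything beyond that is rejected outright.
# A minimal client console then splits a script on ';' and issues one
# request per statement, which is all a console needs to do.


class RejectedRequest(ValueError):
    """Hypothetical error raised when a request is not exactly one statement."""


def unquoted_semicolons(text):
    """Return the indexes of ';' characters that sit outside single-quoted
    string literals. Assumes the SQL/CQL convention that '' inside a literal
    is an escaped quote, so a ';' inside 'a;b' or 'it''s; here' is data."""
    positions, in_str, i = [], False, 0
    while i < len(text):
        c = text[i]
        if c == "'":
            if in_str and i + 1 < len(text) and text[i + 1] == "'":
                i += 1              # escaped quote: stay inside the literal
            else:
                in_str = not in_str
        elif c == ";" and not in_str:
            positions.append(i)
        i += 1
    return positions


def parse_one_statement(request):
    """Server side: accept exactly one statement (no less, no more).
    A single trailing ';' is tolerated and stripped; any other unquoted ';'
    means a second statement was smuggled in, so the request is rejected."""
    body = request.rstrip()
    if not body.strip():
        raise RejectedRequest("empty request")
    semis = unquoted_semicolons(body)
    if not semis:
        return body.strip()
    if len(semis) == 1 and semis[0] == len(body) - 1:
        return body[:-1].strip()
    raise RejectedRequest("request must contain exactly one statement")


def is_single_statement(request):
    """Boolean convenience wrapper around parse_one_statement."""
    try:
        parse_one_statement(request)
        return True
    except RejectedRequest:
        return False


def split_statements(script):
    """Client side (what an interactive console does): split a script on
    unquoted ';' and return the non-empty statements in order."""
    statements, start = [], 0
    for pos in unquoted_semicolons(script):
        piece = script[start:pos].strip()
        if piece:
            statements.append(piece)
        start = pos + 1
    tail = script[start:].strip()
    if tail:
        statements.append(tail)
    return statements


def run_script(script):
    """Console behaviour: decompose the script and send each statement as its
    own request, each one passing through the single-statement parser."""
    return [parse_one_statement(stmt) for stmt in split_statements(script)]


if __name__ == "__main__":
    # Constructed sample input: a user-controlled value carrying a stacked
    # statement. Interpolated unquoted, the server sees two statements and
    # refuses the whole request; a console script is split and sent one by one.
    tainted = "bob'; DROP COLUMNFAMILY users; --"
    print(is_single_statement("SELECT * FROM users WHERE name='%s'" % tainted))
    print(run_script("USE ks; SELECT * FROM users WHERE name='a;b';"))
```

Note what the server-side rule does and does not buy you: it removes the stacked-statement class entirely, but a value spliced into a single statement (a `WHERE` clause rewritten via an unterminated quote, for instance) is still that statement's own problem, which is why the quoting discipline of the client driver still matters.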