On Thu, 2006-12-21 at 05:04 -0500, Erik Hatcher wrote: > On Dec 21, 2006, at 4:56 AM, Deepan wrote: > > I am bothered about security problems with lucene. Is it vulnerable to > > any kind of injection like mysql injection? many times the query from > > user is passed to lucene for search without validating. > > Rest easy. There are no known security issues with Lucene, and it > has even undergone a recent static code analysis by Fortify (see the > lucene-dev e-mail list archives). Unlike SQL, there is no > destructive behavior available through the QueryParser. thanks Erik,
> > Erik > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > -- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
