On 2010-06-25 19:49, Lawrence D'Oliveiro wrote:
> In message <slrni297ec.1m5.grahn+n...@frailea.sa.invalid>, Jorgen Grahn
> wrote:
>
>> I thought it was well-known that the solution is *not* to try to
>> sanitize the input -- it's to switch to an interface which doesn't
>> involve generating an intermediate executable.  In the Python example,
>> that would be something like os.popen2(['zcat', '-f', '--', untrusted]).
>
> That's what I mean. Why do people consider input sanitization so hard?

It's not hard per se; it's just repetitive, prone to the occasional mistake, and, frankly, really boring. When faced with things like that, we do what we do everywhere else in programming: wrap up the repetitive bits into a simpler library API and use that everywhere. Wrapping up the escaping code into SQLString is a step in that direction. However, the standard SQL parameterization in most of the DB protocols or SQLAlchemy's query construction removes even more repetition and unnecessary typing. There's just no point in not using it.

--
Robert Kern

"I have come to believe that the whole world is an enigma, a harmless enigma
 that is made terrible by our own mad attempt to interpret it as though it had
 an underlying truth."
  -- Umberto Eco

--
http://mail.python.org/mailman/listinfo/python-list
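The contrast the thread draws, shown side by side as an added example (this is not code from the thread or from any of its posters): an untrusted value spliced into a shell command line or an SQL string versus the same value handed to an argv list or a bound query parameter. The payloads, the table and its rows are constructed for the demonstration; the Python interpreter stands in for zcat so the block runs without that tool, and the vulnerable shell path assumes a POSIX /bin/sh.

```python
import sqlite3
import subprocess
import sys

# Constructed payloads, chosen to be harmless if they do get interpreted.
SHELL_PAYLOAD = "file.gz; echo INJECTED"
SQL_PAYLOAD = "' OR '1'='1"


def run_shell_string(untrusted: str) -> str:
    """Vulnerable: the value becomes part of a command line that /bin/sh parses,
    so ';' ends our command and starts the attacker's."""
    cmd = "echo " + untrusted
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_argv_list(untrusted: str) -> str:
    """Safe: the value is one element of argv and reaches the child verbatim.
    No shell ever sees it, so there is nothing to escape. (The interpreter
    replaces ['zcat', '-f', '--', untrusted] here so the example runs anywhere.)"""
    argv = [sys.executable, "-c", "import sys; print(sys.argv[1])", untrusted]
    return subprocess.run(argv, capture_output=True, text=True).stdout


def _db() -> sqlite3.Connection:
    """In-memory table with two constructed rows."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "s1"), ("bob", "s2")])
    return con


def query_concat(name: str) -> list:
    """Vulnerable: the quoting a SQLString wrapper would have to get right,
    done by hand and wrong. A single quote in the input rewrites the WHERE clause."""
    con = _db()
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in con.execute(sql)]


def query_param(name: str) -> list:
    """Safe: the driver sends the value separately from the statement text,
    so it is compared as data and never parsed as SQL."""
    con = _db()
    rows = con.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    print(repr(run_shell_string(SHELL_PAYLOAD)))   # second line "INJECTED" appears
    print(repr(run_argv_list(SHELL_PAYLOAD)))      # payload echoed back as one argument
    print(query_concat(SQL_PAYLOAD))               # every row leaks
    print(query_param(SQL_PAYLOAD))                # no row matches that literal name
```

The argv form still needs one precaution that the quoted zcat call gets right: the `--` before the untrusted value, so that a filename beginning with `-` cannot be taken as an option by the program being run. That is a property of the program's option parser, not of the shell, and parameterization does not remove it.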
