To rephrase this the "right" way: If you're concerned about database security, you should lock down CF's user account(s) so it can only execute specific stored procs, and is unable to run arbitrary queries.
cheers, barneyb On Fri, 18 Feb 2005 16:22:06 -0500, Adrocknaphobia <[EMAIL PROTECTED]> wrote: > Micha, > > If you are concerned about database security you shouldn't be placing > any SQL inline in your CF and should rely strictly on StoredProcs. > > -Adam > > -- Barney Boisvert [EMAIL PROTECTED] 360.319.6145 http://www.barneyb.com/ Got Gmail? I have 50 invites. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:195483 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
