On Tue, Mar 29, 2011 at 9:41 AM, Courtney Robinson <sa...@live.co.uk> wrote: > My suggestion as a means of heavily mitigating the damage of these attacks > would be to only permit a single query at a time (i.e. remove the ';' token). > Only trusted, administrative client applications (e.g. a GUI or console) > should really permit issuing multiple queries like this. Such clients could > decompose the queries in to separate queries and issue them individually.
+1. ; should only be used to let an interactive interface to know "that's the end of my query." -- Jonathan Ellis Project Chair, Apache Cassandra co-founder of DataStax, the source for professional Cassandra support http://www.datastax.com
