On Feb 6, 2007, at 11:43 AM, Fletcher Johnson wrote: > Certainly, if the code is in a table, it is > subject to modification (potentially malicious),
Thank you for your thoughts, Fletcher. Regardless of my application construction, this is something that I am wondering about. Maybe somebody can help me understand. It may seem hopelessly naive, but from my reading, it seems like: 1. If your data are off of the web tree, and 2. You have robust protection against SQL injection Your data should be protected. Am I wrong? How else would anyone get to your data? Similarly, if you don't have any SQL in code that is in your Web tree that should be *relatively* safe. All data in user-interface is called data object functions, and those are off of the web tree, too. Again, am I wrong, or is this understanding too simplistic? Ken _______________________________________________ Post Messages to: ProFox@leafe.com Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
