Someone asked a while ago whether Cassandra was vulnerable to injection attacks:
http://stackoverflow.com/questions/5998838/nosql-injection-php-phpcassa-cassandra With Thrift, the answer was 'no'. With CQL, presumably the situation is different, at least until prepared statements are possible (CASSANDRA-2475) ? Has there been any discussion on this already that someone could point me to, please? I couldn't see anything on JIRA (searching for CQL AND injection, CQL AND security, etc). Thanks. ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. QinetiQ may monitor email traffic data and also the content of email for the purposes of security. QinetiQ Limited (Registered in England & Wales: Company Number: 3796233) Registered office: Cody Technology Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com.
