My blog has moved and can now be found at

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

Saturday, January 24, 2004
« Authorization and Profile Application Bl... | Main | Java vs. .NET security - Part 2 »

Recent post to the [SC-L] List:

FYI, Stephen Kost of Integrigy Corporation has published a paper called, "An Introduction To SQL Injection Attacks For Oracle Developers".  The full 24 page paper (in PDF format) is freely available at:

On first glance, it appears to me to be a pretty worthwhile read, FWIW. Although it is aimed at Oracle developers and much of the paper is indeed Oracle-specific, pretty much anyone writing multi-tier SQL database software could find useful information in it.

[Now Playing: Pyar Aaya - Plan]

Tags:: Security
1/24/2004 8:37 AM Eastern Standard Time  |  Comments [0]  |  Disclaimer  |  Permalink   
Comments are closed.