Re: Public announcements of SQL Security Vulnerabilities
From: Mary Chipman (mchip@nomail.please)
Date: 07/27/02
- Next message: ray: "Column level security"
- Previous message: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
- In reply to: Chris Wood: "Public announcements of SQL Security Vulnerabilities"
- Next in thread: Neil Pike: "Re: Public announcements of SQL Security Vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Mary Chipman <mchip@nomail.please> Date: Sat, 27 Jul 2002 09:14:35 -0400
On Fri, 26 Jul 2002 16:06:52 -0600, "Chris Wood"
<chris.wood@gov.ab.ca> wrote:
>Whilst I feel it is helpful, because I can now fully understand the
>vulnerability, it is putting some pressure on me to make a hasty decision
>about implementing the security patch. It can give little time for testing
>any SQL application, that might be affected, before it MUST be implemented
>in the Production environment.
What choice do you have? Don't implement the patch and leave the
server vulnerable, hoping for the best? Only you know your environment
and only you can weigh the likelihood of a particular attack against
the possibility of a bad patch bringing down the production server.
-- Mary
MCW Technologies
http://www.mcwtech.com
- Next message: ray: "Column level security"
- Previous message: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
- In reply to: Chris Wood: "Public announcements of SQL Security Vulnerabilities"
- Next in thread: Neil Pike: "Re: Public announcements of SQL Security Vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
