Hi guys, I am back after a long time of doing other kinds of work. Don't know if anybody remembers me - not a biggee. I am again working on a design of a web application for myself. Security seems MUCH more of an issue, EVERY day. So I had these to suggestions/feature requests. To prevent SQL injection, have either permissions-per-role, or DB wide, or DB instance configurable with defalaults and over ride configuration, blah blah, the following. A flag/permission to allow ONLY prepared queries A flag/permission to allow ONLY UDF/procedures. These may be mutually exclusive? But a way to set a database to absolutely be strongly sql injection proof. Comments? Dennis Gearon Signature Warning ---------------- EARTH has a Right To Life I agree with Bolivian President Evo Morales # The right to life: "The right for no ecosystem to be eliminated by the irresponsible acts of human beings." # The right of biosystems to regenerate themselves: "Development cannot be infinite. There's a limit on everything." # The right to a clean life: "The right for Mother Earth to live without contamination, pollution. Fish and animals and trees have rights." # The right to harmony and balance between everyone and everything: "We are all interdependent." See the movie - 'Inconvenient Truth' See the movie - 'Syriana' -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
