Positive for fP

Fairlight fairlite at fairlite.com
Mon May 29 23:44:48 PDT 2006


I'm lying here pondering the earlier discussions today while trying to fall
asleep, and in the vein of saying something positive, I actually just had a
mild epiphany of sorts:

One of the biggest security issues to proliferate and be exploited
in web-based applications in the last year has been SQL injection
vulerabilities.  Anyone reading the security alerts would know this.

POINT:  Natively, assuming it talks to no SQL databases using data
supplied, filePro is completely immune to SQL injection attacks.

One -could- argue from the feature side of the fence, but I choose not to.

I'll stick with the original frame of mind in which the thought occurred,
and think of it as a big plus for web-based implementations using fP.
Dunno why I never thought of that before, but it's kind of a neat
recognition of something that's always been the case.  :)  Heck, that's
a selling point if you're doing a web-based implementation.

mark->
-- 
Fairlight->   ||| This space intentionally left      | Fairlight Consulting
  __/\__      ||| blank.                             |
 <__<>__>     |||                                    | http://www.fairlite.com
    \/        |||                                    | info at fairlite.com


More information about the Filepro-list mailing list