I've always been concerned with security and I've always stressed the importance of auditing the REAL user context not just the current user (see this post on EXECUTE AS and auditing). So, I generally try to avoid using dynamic string execution and if necessary create well tested/protected parameters (fyi – using QUOTENAME can be a [...]
Kimberly L. Tripp
Improving my SQL skills through your questions!
Looking for security vulnerabilities in database code
Posted on: June 30, 2009 8:34 am
The Tipping Point Query Answers
Posted on: June 7, 2009 9:29 pm
OK, I'll definitely take a beating from all of you for having gone so long between my survey posts and now. I won't even go into the details but between some crazy work schedules, multiple sinus problems and even migraines… well, I've been a bit behind. Let's just say that April/May were rough at best. [...]
Favorite SSMS Options – and some gotchas
Posted on: June 6, 2009 8:03 pm
Whenever I setup a new machine, I like to set a few default options in SSMS. Here are my favorites: Tools, Options Environment Fonts and Colors Text Editor font: Lucida Console (a bit thicker and it's a fixed-width font) Text Editor: Selected Text (under display items) Item foreground: Black Item background: Yellow (looks like a [...]
