OK, I know many of you have seen this before (an oldie, but a goodie!): (image from xkcd.com, with “copy and share” license described here: License) But, what can you do to prevent this? And, when would this even be possible? This is possible when DSE (dynamic string execution) occurs. There are still some VERY relevant [...]
Kimberly L. Tripp
Improving my SQL skills through your questions!
Little Bobby Tables, SQL Injection and EXECUTE AS
Posted on: April 4, 2010 4:42 pm
“EXECUTE AS” and an important update your DDL Triggers (for auditing or prevention)
Posted on: July 24, 2007 1:31 pm
DDL Triggers were a new feature of SQL Server 2005 and while seemingly simple, they are very powerful. DDL Triggers allow you to trap an attempted DDL operation to audit it, prevent it, or do anything you want to validate/verify/”authorize”/etc – you write the code. And, since a trigger fires as part of the transaction, [...]
