Must remove privileges to several vendor-specific SQL functions,
especially the OS command functions that will enable command injection
by way of SQL injection.
Hello List - I was putting together a cheat sheet on security considerations
of a database account for a web application. I know I am overlooking few
points so I thought I will reach out to the community to add to the list.
Here is what I have put so far
Database Configuration Cheat Sheet
Thoughts/Comments?
Thanks,
Anurag Agarwal
MyAppSecurity
Cell - 919-244-0803
Email - anurag@myappsecurity.com
Website - http://www.myappsecurity.com
Blog - http://myappsecurity.blogspot.com
LinkedIn - http://www.linkedin.com/in/myappsecurity
Twitter: https://twitter.com/#!/myappsecurity
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org