|
most programmers in our shop use STRSQL to do their query. We could have them use iSeries Access, but they would probably go with STRQM if STRSQL is not allowed. -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Tom Jedrzejewicz Sent: Tuesday, November 16, 2004 4:05 PM To: Midrange Systems Technical Discussion Subject: Re: security hole in interactive sql call statement? On Tue, 16 Nov 2004 09:40:19 -0800, Tom Jedrzejewicz <tomjedrz@xxxxxxxxx> wrote: > On Tue, 16 Nov 2004 10:49:57 -0600, Lim Hock-Chai > <lim.hock-chai@xxxxxxxx> wrote: > > we have. We might end up go with this route. Most programmer (me) doesn't > > really > > like STRQM (asking all kind of questions before it exec the sql statement). > > That said - you could restrict STRSQL and force them to use the SQL > execution through iSeries Access. I don't think the same security > holw exists. How about the Run Sql Script utility in iSeries Navigator.
This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
