Are stored procedures the most secure way to access a database?

Question

Are stored procedures the most secure way to access a database?

andrewbb

Old Hand

Points: 368
More actions
August 29, 2015 at 12:35 pm

#320895

Is it possible hackers deliberately marketed non-SP solutions to make hacking easier?

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply

Jeff Moden SSC Guru Points: 1004340 More actions · Answer 1

andrewbb (8/29/2015)
Is it possible hackers deliberately marketed non-SP solutions to make hacking easier?

If the code built in the managed code is properly parameterized instead of consisting of concatenated dynamic SQL, then that managed code will be as secure as a stored procedure in most cases.

But, to answer your question, yes. Hackers will frequently try SQL Injection and it's still the number 1 hack attack followed closely by using leaking login information to get in.

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)