Are stored procedures the most secure way to access a database?

  • Is it possible hackers deliberately marketed non-SP solutions to make hacking easier?

  • andrewbb (8/29/2015)


    Is it possible hackers deliberately marketed non-SP solutions to make hacking easier?

    If the code built in the managed code is properly parameterized instead of consisting of concatenated dynamic SQL, then that managed code will be as secure as a stored procedure in most cases.

    But, to answer your question, yes. Hackers will frequently try SQL Injection and it's still the number 1 hack attack followed closely by using leaking login information to get in.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply