Immunizing SQL injection attacks
We will discuss in detail the ways to immunize code against SQL injection. Besides the ways listed above, we will also discuss some additional tricks that reduce SQL injection attacks.
Reducing the attack's surface
Reducing the attack surface is a preventive measure used proactively against SQL injection attacks. It aims to minimize the attackers' area of operation and visibility by controlling a user's privileges and execution rights on the accessible subprograms. The technique is helpful when a user plays a defined role in an application but has still been granted many more privileges by the admin than that role requires. The attack perimeter can be reduced by:
Controlling the user privileges
Creating the program units with invoker's rights
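The two measures above, shown together in Oracle SQL and PL/SQL. This is an added example, not code from the original text; the schema APP_OWNER, the table EMPLOYEES, the account REPORT_USER, and the procedure names are assumptions made for illustration.

```sql
-- Assumed names (hypothetical): schema APP_OWNER, table EMPLOYEES,
-- low-privilege account REPORT_USER. Run the DDL and audits as a DBA.

-- 1. Controlling user privileges: list what the account actually holds.
SELECT privilege    FROM dba_sys_privs  WHERE grantee = 'REPORT_USER';
SELECT granted_role FROM dba_role_privs WHERE grantee = 'REPORT_USER';
SELECT owner, table_name, privilege
  FROM dba_tab_privs
 WHERE grantee = 'REPORT_USER';

-- Revoke whatever the role does not need. These two grants are constructed
-- examples of spare privileges; substitute the ones the queries report.
REVOKE CREATE ANY PROCEDURE FROM report_user;
REVOKE UPDATE ON app_owner.employees FROM report_user;

-- 2a. Definer's rights (the default): the body runs with APP_OWNER's
-- privileges, so any caller holding EXECUTE can update the table.
CREATE OR REPLACE PROCEDURE app_owner.raise_salary_dr (
  p_empno IN NUMBER, p_pct IN NUMBER)
AUTHID DEFINER
IS
BEGIN
  UPDATE app_owner.employees
     SET salary = salary * (1 + p_pct / 100)
   WHERE empno = p_empno;
END raise_salary_dr;
/

-- 2b. Invoker's rights: the same body runs with the caller's own
-- privileges, so EXECUTE on the procedure grants nothing extra.
CREATE OR REPLACE PROCEDURE app_owner.raise_salary_ir (
  p_empno IN NUMBER, p_pct IN NUMBER)
AUTHID CURRENT_USER
IS
BEGIN
  UPDATE app_owner.employees
     SET salary = salary * (1 + p_pct / 100)
   WHERE empno = p_empno;
END raise_salary_ir;
/

GRANT EXECUTE ON app_owner.raise_salary_ir TO report_user;
-- As REPORT_USER (no UPDATE on the table) the call below is rejected
-- with a privilege error instead of changing data:
--   EXEC app_owner.raise_salary_ir(7369, 10)
```

If the invoker's-rights body were ever reached through injected input, the damage would be bounded by what REPORT_USER itself may do, which is why the privilege audit in step 1 comes first.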
Controlling user privileges
The DBA must keep a hawk's eye on the roles of the users in the application to prevent any malicious use. The availability of additional spare privileges might...