Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Oracle Advanced PL/SQL Developer Professional Guide

You're reading from   Oracle Advanced PL/SQL Developer Professional Guide Master advanced PL/SQL concepts along with plenty of example questions for 1Z0-146 examination with this book and ebook

Arrow left icon
Product type Paperback
Published in May 2012
Publisher Packt
ISBN-13 9781849687225
Length 440 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Saurabh K. Gupta Saurabh K. Gupta
Author Profile Icon Saurabh K. Gupta
Saurabh K. Gupta
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Oracle Advanced PL/SQL Developer Professional Guide
Credits
Foreword
About the Author
Acknowledgement
About the Reviewers
www.PacktPub.com
Preface
1. Overview of PL/SQL Programming Concepts FREE CHAPTER 2. Designing PL/SQL Code 3. Using Collections 4. Using Advanced Interface Methods 5. Implementing VPD with Fine Grained Access Control 6. Working with Large Objects 7. Using SecureFile LOBs 8. Compiling and Tuning to Improve Performance 9. Caching to Improve Performance 10. Analyzing PL/SQL Code 11. Profiling and Tracing PL/SQL Code 12. Safeguarding PL/SQL Code against SQL Injection Attacks Answers to Practice Questions Index

Immunizing SQL injection attacks


We will discuss the ways to immunize code against SQL injection in detail. Besides the ways which are listed above, we will discuss some additional tricks too, to reduce SQL injection attacks.

Reducing the attack's surface

Reducing the attack's surface is one of the preventive measures that are proactively used to fight the SQL injection attacks. It aims to minimize the area of operation and visibility of the hackers by controlling the privileges and execution rights of a user on the accessible subprograms. The technique is helpful when a user plays a defined role in an application but is still bestowed with a lot more irrelevant privileges from the admin. The attack perimeter can be reduced by:

  • Controlling the user privileges

  • Creating the program units with invoker's rights

Controlling user privileges

The DBA must keep a hawk eye on the roles of the users in the application to prevent any malicious motivation. The availability of additional spare privileges might...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image