SQLninja denial

Jason L Tibbitts III tibbs at math.uh.edu
Mon Nov 15 16:00:05 UTC 2010

>>>>> "MM" == Mike McGrath <mmcgrath at redhat.com> writes:

MM> [...] Looking at the sqlninja demo, you have to be clear about one
MM> thing, sqlninja is not a scanner / detection tool.  It's a takeover
MM> tool.

Just a hypothetical: What if we patched out the takeover functionality?
Obviously I've no idea if that's reasonable or possible, but there's
probably a very strong argument that it's responsible.  I think that
deviating from our principle of keeping with upstream would be less
extreme than banning the software entirely.

 - J<

More information about the advisory-board mailing list