Re: Security Issues: Allowing Clients to Execute SQL in the Backend.

Hello World wrote:
> Given this are there any security other issues about letting client applications execute arbitrary SQL
> commands on the backend database?

There shouldn't be any security problems, just be careful that you don't give the
user more permissions than you want to.

But a user who can execute arbitrary queries can easily bring the system down:
You can write SQL queries that keep a CPU 100% busy, that exhaust disk space
and possibly memory.

Yours,
Laurenz Albe