[mythtv-commits] Ticket #792: SQL "injection" in mythtv-setup (User Jobs)
MythTV
mythtv at cvs.mythtv.org
Wed Jan 18 18:06:04 UTC 2006
#792: SQL "injection" in mythtv-setup (User Jobs)
-----------------------+----------------------------------------------------
Reporter: anonymous | Owner: ijr
Type: defect | Status: closed
Priority: minor | Milestone:
Component: mythtv | Version: head
Severity: medium | Resolution: invalid
-----------------------+----------------------------------------------------
Changes (by danielk):
* resolution: => invalid
* status: new => closed
Comment:
Feature request without patch.
Escaping these strings would be a nice thing to do, but it is assumed that
anyone using mythtv-setup/mythfrontend has rights to do whatever they want
with the myth DB so it is not really a security problem. If you see this
with mythweb it is a security problem though.
--
Ticket URL: <http://svn.mythtv.org/trac/ticket/792>
MythTV <http://www.mythtv.org/>
MythTV
More information about the mythtv-commits
mailing list