NEW RULE IDEAS
Closed this issue · 1 comments
tcartwright commented
NEW RULE IDEAS
- not for replication (Design) Added in rule SRD0065
- Constraints: check for
- udf usage (Performance)
- nocheck (Design)
- Suggest SCHEMABINDING for functions that do not touch tables (Performance)
- Detect sql injection possibilities???
Notes:
- Would like to only detect injection opportunies where sql is being concatenated in from a variable.
- Would also like to build a sql injection scanner for .Net code
tcartwright commented
Moved to discussions.