0

If possible, I would like to have clish rewrite any arguments that are not safe to inject into an SQL query, similar to, for example, mysql_real_escape_string in PHP.

From clish we are calling bash scripts that sometimes inject the arguments into SQL queries. Of course we should check/rewrite the arguments in the bash scripts, but making clish rewrite the query would be extra security in case some are missed/forgotten.

Amira Bedhiafi
Eliazz

1 Answer

0

I have made a wrapper that executes all clish commands. It will look like this in the command xml syntax:

   <ACTION>execWrap aCommandToExecute ${someArgument}</ACTION>

execWrap will execute "aCommandToExecute" with all following arguments passed to it after verifying that the arguments are safe.

However, I will not mark the question as solved, as it would be preferred to do this inside clish.

Eliazz
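A sketch of the kind of wrapper the answer describes, added here as an example; it is not the answer author's execWrap, which is not shown on the page. It rejects unsafe arguments instead of rewriting them. The function names `is_safe_arg` and `exec_wrap`, the allow-listed character set, the 128-character limit and the exit code 64 are all assumptions to adapt per command.

```shell
#!/bin/sh
# Hypothetical execWrap: run a command only if every argument passes an allow-list.
# The policy below (letters, digits, '_', '.', '-') is an assumed example policy.

# Succeeds only for arguments made entirely of allow-listed characters.
# The body runs in a subshell so the LC_ALL=C setting (byte-exact ranges)
# does not leak into the command that is executed later.
is_safe_arg() (
    LC_ALL=C
    case $1 in
        '' | -*)             exit 1 ;;  # empty, or would be parsed as an option
        *[!A-Za-z0-9_.-]*)   exit 1 ;;  # quote, space, ';', newline, backslash, ...
    esac
    [ "${#1}" -le 128 ]                 # cap the length as well
)

# exec_wrap COMMAND [ARG...]
# COMMAND is the fixed name written in the clish XML; only ARGs are user input.
exec_wrap() {
    if [ "$#" -lt 1 ]; then
        echo 'usage: execWrap command [args...]' >&2
        return 64
    fi
    cmd=$1
    shift
    for arg in "$@"; do
        if ! is_safe_arg "$arg"; then
            # The rejected value is deliberately not echoed back, so it cannot
            # inject control characters into a terminal or a log file.
            echo "execWrap: refusing to run $cmd: unsafe argument" >&2
            return 64
        fi
    done
    "$cmd" "$@"   # arguments are passed as-is, never re-parsed by a shell
}

# Act as the wrapper only when this file is installed under the name execWrap.
case ${0##*/} in
    execWrap) exec_wrap "$@"; exit ;;
esac
```

An allow-list like this is a second layer only: the called scripts should still use bound parameters or their database client's own escaping when building queries.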