IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
S 2.134 Guidelines for database queries
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Application developer
The relational database language SQL (Standard Query Language) is a
standardised international language for relational database systems; it has
found widespread use and is implemented in most database management
systems. SQL can be used to modify data (UPDATE, INSERT, DELETE),
manipulate database objects (CREATE, ALTER, DROP) and request
information (SELECT). To ensure secure operation of a database, the
following basic guidelines should be observed when making database queries:
- SQL queries should be formulated as precisely as possible. This applies
particularly to SQL queries generated from applications. For example, the
SQL statement
SELECT * FROM WHERE
inevitably leads to errors or even causes the related application to crash if
the table scheme has been modified (addition or deletion of fields, or
changes in the field sequence).
- Fields should always be specified explicitly. This ensures that the data is
made available in the awaited sequence, and that only the information
which is actually required is selected, for instance.
Example:
A table consists of the following fields (with the related data types):
Article number NUMBER(10)
Net price NUMBER(10,2)
Article designation VARCHAR(30)
Intended use VARCHAR(200)
A new field titled "Order number" and having type NUMBER(8) is added.
To optimise memory utilisation, the field is located at the second position
of the table, not at the end. The new table then appears as follows:
Article number NUMBER(10)
Order number NUMBER(8)
Net price NUMBER(10,2)
Article designation VARCHAR(30)
Intended use VARCHAR(200)
In the worst case, a SELECT-* statement issued from an application would
now lead to a crash, as the data is selected automatically in the specified
field sequence. The example shown above not only poses the problem of
the table having been extended by one field (whose data are selected
additionally), but also of the field sequence having been modified, so that
the data is no longer selected in the original order. This leads inevitably to
type conflicts and, possibly, to program failure.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000