vulnerability of COPY command

Dennis Gearon <gearond@sbcglobal.net>

From: Dennis Gearon <gearond@sbcglobal.net>
To: pgsql-general@postgresql.org
Date: 2010-05-30T05:41:04Z
Lists: pgsql-general
I'm trying to build a way to bulk load from a script to a Dbase, postgres.

Using single, parameterized statements is a pretty good defense against SQL injection, so I use Symfony as the main user input.

But for this bulk loading, it's tooooooo slow.

If I build a text based, COPY file for bulk purposes, to be input via the command line, is Postgres vulnerable to SQL injection from that?


Dennis Gearon

Signature Warning
----------------
EARTH has a Right To Life,
  otherwise we all die.

Read 'Hot, Flat, and Crowded'
Laugh at http://www.yert.com/film.php