Serious question: if an attacker has the necessary access to modify the data in the table (because that is what it would take to cause a problem) or if someone installs a malicious module do I really have any way to stop it?
<br><br><div><span class="gmail_quote">On 6/19/06, <b class="gmail_sendername">Dries Buytaert</b> &lt;<a href="mailto:dries.buytaert@gmail.com">dries.buytaert@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>On 19 Jun 2006, at 18:41, Earl Dunovant wrote:<br>&gt; These fields are coming from the database, and the table is<br>&gt; populated with data from <a href="http://Amazon.com">Amazon.com</a>. I prefer scrubbing it on the
<br>&gt; way in (admittedly not doing that at the moment because I figured<br>&gt; if you can hijack <a href="http://Amazon.com">Amazon.com</a>'s servers you're going to get me if<br>&gt; you want to anyway). The fewer places I have to worry about it, the
<br>&gt; better.<br><br>That doesn't work.&nbsp;&nbsp;People (or modules) could edit or modify the node<br>at any time, and then you'd be toast. :-)<br><br>--<br>Dries Buytaert&nbsp;&nbsp;::&nbsp;&nbsp;<a href="http://www.buytaert.net/">http://www.buytaert.net/
</a><br><br></blockquote></div><br>