If you really lock down master, then true, you've mitigated most of the rest. Most folks don't think to do this, unfortunately.
Excellent article!!! After reading your article, I checked w/ our Sr. System Developer to verify if we are using these techniques. We are looking in depth to other exploitations of SQL injections with our app.