Why I Say Something about Running as Administrator
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,157 reads
Brian Kelley
- Interests: Chess, Reading, Soccer (Football), Baseball, Animals, Theology
Catalog view: sys.tcp_endpoints
I was playing around with the endpoint catalog views this afternoon just looking at ways to do poor man's configuration...
2009-05-27
2,824 reads
Speaking at Augusta Developer's Guild
Tomorrow night, May 28th, I'll be speaking the Augusta Developer's Guild. This is a make-up from earlier in the year...
2009-05-27
1,379 reads
SQL Injection - Why I Don't Think Parameterization is Enough
One of the main defenses touted against SQL injection attacks is to use proper parameterization at the application layer. But while this gets most of the cases, there are clearly examples where this alone fails. For instance, consider the stored procedure...
2009-05-20
3,948 reads
Sick? Stay home!
Yesterday I did something I wouldn't have thought of doing a year ago: I stayed home. When I woke up,...
2009-05-19
843 reads
SQL Injection - Why I Don't Think Parameterization is Enough
Note:Since there have been several comments on this, I'm using parameterization at the application layer in the security sense of...
2009-05-15
2,705 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said something to the effect of, "What do you expect? It's 30 year-old technology." I was stunned when the comment was relayed to me. My response...
2009-05-13
2,363 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said...
2009-05-05
1,247 reads
Security Basics: Defense-in-Depth
In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where...
2009-05-05
1,971 reads
A Dead Zune and Choices
Shortly after the Zune debuted, I purchased one. And I've been happy with it. It's done everything I expected out...
2009-05-04
857 reads
Blogs
Learn Better: Pause to Review More
By Brian Kelley
If you want to learn better, pause more in your learning to intentionally review.
Azure SQL Managed Instance Next-Gen: Bring on the IOPS
By John
If you’ve used Azure SQL Managed Instance General Purpose, you know the drill: to...
SQL, MDX, DAX – the languages of data
By DataOnWheels
Ramblings of a retired data architect Let me start by saying that I have...
Forums
Azure SQL DBA certification
Hello team Can anyone share popular azure SQL DBA certification exam code? and your...
Faster Data Engineering with Python Notebooks: The Fabric Modern Data Platform
Comments posted to this topic are about the item Faster Data Engineering with Python...
Which Result II
Comments posted to this topic are about the item Which Result II
Question of the Day
Which Result II
I have this code in SQL Server 2022:
CREATE SCHEMA etl;
GO
CREATE TABLE etl.product
(
ProductID INT,
ProductName VARCHAR(100)
);
GO
INSERT etl.product
VALUES
(2, 'Bee AI Wearable');
GO
CREATE TABLE dbo.product
(
ProductID INT,
ProductName VARCHAR(100)
);
GO
INSERT dbo.product
VALUES
(1, 'Spiral College-ruled Notebook');
GO
CREATE OR ALTER PROCEDURE etl.GettheProduct
AS
BEGIN
exec('SELECT ProductName FROM product;')
END;
GO
When I execute this code as a user whose default schema is dbo and has rights to the tables and proc, what is returned? See possible answers