- From: Paul Gearon <gearon@ieee.org>
- Date: Fri, 8 Jan 2010 11:41:00 -0500
- To: SPARQL Working Group <public-rdf-dawg@w3.org>
Hi Everyone, SPARQL 1.1 Query mentions a few security issues in the section "18 Security Considerations (Informative)": http://www.w3.org/2009/sparql/docs/query-1.1/rq25.xml#security SPARQL 1.1 Update needs to have a similar section (it's mostly empty at the moment), but it will need to have more detail than SPARQL 1.1. Query, given that these operations are deliberately transformative. This opens up an implementation to things like injection attacks, plus other problems that SQL faces that I'm sure I've never even heard of. I'd like to point out some of the obvious things, but I think we should be careful not to over-proscribe, since we can't know everything that may come along, and individual implementations may have their own issues. Does anyone have suggestions on what I should mention here? Regards, Paul Gearon
Received on Friday, 8 January 2010 16:41:32 UTC