Security considerations in SPARQL Update

Hi Everyone,

SPARQL 1.1 Query mentions a few security issues in the section "18
Security Considerations (Informative)":
  http://www.w3.org/2009/sparql/docs/query-1.1/rq25.xml#security

SPARQL 1.1 Update needs to have a similar section (it's mostly empty
at the moment), but it will need to have more detail than SPARQL 1.1.
Query, given that these operations are deliberately transformative.
This opens up an implementation to things like injection attacks, plus
other problems that SQL faces that I'm sure I've never even heard of.
I'd like to point out some of the obvious things, but I think we
should be careful not to over-proscribe, since we can't know
everything that may come along, and individual implementations may
have their own issues.

Does anyone have suggestions on what I should mention here?

Regards,
Paul Gearon

Received on Friday, 8 January 2010 16:41:32 UTC