Author: Justin Clarke
Aimed at: SQL programmers
Pros: Extensive coverage of an important topic
Cons: Extensive coverage of a small topic!
Reviewed by: Ian Elliot
SQL injection is a technique that most SQL programmers are aware of and the basic idea isn't difficult. You allow the user by some means or other to determine what the SQL query is and they find some way of using this to "inject" a query of their own making - typically returning a list of users and passwords. The solution to SQL injection is also easy - to scan the SQL command to make sure it is restricted to the range of queries that you allow. The difficult part is spotting all of the places in an application where the user gets access to a SQL query - often this is well hidden and by the time the SQL command is offered up to the server you might well have forgotten how it got there.
This book covers the ground in relentless detail. It goes into what a SQL attack is all about and then explains its different forms - error based, union and blind. It even covers what a hacker might do after getting access via SQL injection.
As a general database programmer I appreciate the need for an understanding of SQL injection attacks but surely there must be a better and simpler way to make things secure. This is a problem in search of a one-line solution but instead we have a ten-chapter book! Still this is not the authors fault and the book does a good job of explaining things in general and specifically covering MySQL, MSSQL and Oracle. There is a brief mention of automated tools for finding SQL injection vulnerabilities but this isn't the main topic of the book.
If you are responsible for the security of a SQL database at the code level then this is required reading - I'm not sure how useful it would be to a database administrator because there isn't much that can be done from this position other than detecting vulnerabilities and potential attacks. Of course it would also make an excellent training manual for the would-be hacker needing to master SQL injection - such is the double-edged nature of almost any security book.