Comment by throwaway7356
4 hours ago
> The fix was prepared statements
You don't need prepared statements. The fix is parameter binding: submitting parameters separate from the SQL statement itself, separating code from (user) data.
> The analogous mitigation for agents is to have fixed behaviors they can perform, such as “read repo 1” “read repo 2”, etc., and the user input is used as data to select which of these fixed behaviors to execute.
No, that only deals with some special issues. It also doesn't separate code and (user) data, so it's not the same issue.
Having only limited actions is akin to using more restrictive database permissions. That also makes SQL injection no longer relevant: only SQL statements can be executed that the user is allowed to run either way.
No comments yet
Contribute on Hacker News ↗