Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
There is a big concern regarding a recently-disclosed Rails SQL injection vulnerability. I am not well-versed in dealing with security, so I am unnerved. I hear that MongoDB is not susceptible to this kind of attack.
Is this a good reason to move to MongoDB permanently?
No. Just because SQL databases are vulnerable to SQL injection attacks is not a good reason to move to MongoDB.
MongoDB is great in certain use-cases, particularly where you need schema-less collections.
If you need to store relational data, you’ll be much better served by a relational DB.
In short, if you’re afraid of SQL injection, learn how to sanitize your inputs. Don’t move to MongoDB.
The newly found vulnerability does not affect everyone. Read here for more details.