What is the most EVIL code you have ever seen in a production enterprise environment?
Posted
by Registered User
on Stack Overflow
See other posts from Stack Overflow
or by Registered User
Published on 2009-01-12T04:10:15Z
Indexed on
2010/03/18
22:41 UTC
Read the original article
Hit count: 306
What is the most evil or dangerous code fragment you have ever seen in a production environment at a company? I've never encountered production code that I would consider to be deliberately malicious and evil, so I'm quite curious to see what others have found.
The most dangerous code I have ever seen was a stored procedure two linked-servers away from our core production database server. The stored procedure accepted any NVARCHAR(8000) parameter and executed the parameter on the target production server via an double-jump sp_executeSQL command. That is to say, the sp_executeSQL command executed another sp_executeSQL command in order to jump two linked servers. Oh, and the linked server account had sysadmin rights on the target production server.
© Stack Overflow or respective owner