What is the most EVIL code you have ever seen in a production enterprise environment?

Posted by Registered User on Stack Overflow See other posts from Stack Overflow or by Registered User
Published on 2009-01-12T04:10:15Z Indexed on 2010/03/18 22:41 UTC
Read the original article Hit count: 306

What is the most evil or dangerous code fragment you have ever seen in a production environment at a company? I've never encountered production code that I would consider to be deliberately malicious and evil, so I'm quite curious to see what others have found.

The most dangerous code I have ever seen was a stored procedure two linked-servers away from our core production database server. The stored procedure accepted any NVARCHAR(8000) parameter and executed the parameter on the target production server via an double-jump sp_executeSQL command. That is to say, the sp_executeSQL command executed another sp_executeSQL command in order to jump two linked servers. Oh, and the linked server account had sysadmin rights on the target production server.

© Stack Overflow or respective owner

Related posts about codesmell

Related posts about anti-patterns