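Ugh... an SQL injection via :limit and :offset is here for PostgreSQL and SQLite on RoR 2.0 and 1.2.3 and earlier!
With MySQL, it looks like we were spared because the default mode does not execute multiple SQL statements... Put the other way around, does the same apply if you have "manually" set it to a mode that executes multiple SQL statements?
Rails 2.1 and later appears to be safe, though...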
With Rails 2.1 out for a while I thought I should describe the problem a bit as there are many Rails applications stuck in 1.2.3 or 2.0.
http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1
Description:
Security Advisory SA31910 - Ruby on Rails ":offset" and ":limit" SQL Injection Vulnerabilities - Secunia
Some vulnerabilities have been reported in Ruby on Rails, which can be exploited by malicious people to conduct SQL injection attacks.
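To make the :limit / :offset issue concrete, here is an added example (a simplified model written for this note, not Rails source code and not from the quoted posts) showing a clause builder that interpolates the options as-is beside one that accepts only non-negative integers. The helper names, the `posts` table and the sample values are assumptions constructed for illustration.

```ruby
# Added illustration: simplified model, not Rails source code.
# Hypothetical helpers: unsafe_limit_clause, coerce_row_count, safe_limit_clause.

# Unsafe pattern: option values are interpolated into the SQL text unchanged,
# so anything after the number becomes part of the statement.
def unsafe_limit_clause(sql, options)
  out = sql.dup
  out << " LIMIT #{options[:limit]}" if options[:limit]
  out << " OFFSET #{options[:offset]}" if options[:offset]
  out
end

# Accept only a plain non-negative decimal integer; reject everything else.
# \A and \z anchor the whole string, so a trailing newline is rejected too.
def coerce_row_count(name, value)
  text = value.to_s
  unless text.match?(/\A[0-9]{1,9}\z/)
    raise ArgumentError, "#{name} must be a non-negative integer, got #{value.inspect}"
  end
  text.to_i
end

# Hardened pattern: both values pass through coerce_row_count before use.
def safe_limit_clause(sql, options)
  out = sql.dup
  out << " LIMIT #{coerce_row_count(:limit, options[:limit])}" if options[:limit]
  out << " OFFSET #{coerce_row_count(:offset, options[:offset])}" if options[:offset]
  out
end

# Constructed sample input: a request parameter passed straight through as :limit.
BASE    = "SELECT * FROM posts"
TAINTED = { :limit => "10; SELECT 1 --", :offset => "0" }
CLEAN   = { :limit => "10", :offset => "20" }

def demo
  rejected = begin
    safe_limit_clause(BASE, TAINTED)
    false
  rescue ArgumentError
    true
  end
  { :unsafe   => unsafe_limit_clause(BASE, TAINTED),
    :safe     => safe_limit_clause(BASE, CLEAN),
    :rejected => rejected }
end

p demo if __FILE__ == $0
```

On an application that cannot be upgraded yet, the same integer check can be applied to any user-supplied value before it is passed as :limit or :offset.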