Skip to content

Commit

Permalink
WebGoat#974: Update the lesson text
Browse files Browse the repository at this point in the history
  • Loading branch information
@nbaars
nbaars committed Apr 2, 2021
1 parent de453fa commit ba2cb7d
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions ...ction/src/main/resources/lessonPlans/en/SqlInjection_introduction_content4.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,9 @@ If an attacker successfully "injects" DCL type SQL commands into a database, he
* GRANT - give a user access privileges on database objects
* REVOKE - withdraw user privileges that were previously given using GRANT
* Example:
** GRANT CREATE TABLE +
TO operator;
** GRANT CREATE TABLE TO operator;
** This statement gives all users of the operator-role the privilege to create new tables in the database.
Try to grant the user group "UnauthorizedUser" the right to alter tables:
Try to grant rights to the table `grant_rights` to user `unauthorized_user`:

0 comments on commit ba2cb7d

Please sign in to comment.