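---
# Semgrep rule: flag database calls whose SQL text creates accounts or
# changes privileges/credentials, so a reviewer can confirm the statement
# is intended (for example a reviewed migration).
rules:
  - id: org.yourorg.sql.create-grant
    languages: [java, python, javascript]
    message: "SQL statement appears to create users or grant privileges verify intent."
    severity: ERROR
    # `patterns` ANDs its children: the call shape must match AND the bound
    # $Q must pass the regex filter. The filter has to live inside
    # `patterns`; beside `pattern-either` at rule level it does not
    # constrain the match.
    patterns:
      - pattern-either:
          - pattern: $S.execute($Q)
          - pattern: $S.executeUpdate($Q)
      # metavariable-pattern takes Semgrep patterns, not a glob string, and
      # a leading `*` is not a valid regex either, so the keyword filter is
      # expressed with metavariable-regex.
      # The regex is matched from the start of $Q's text, hence the `.*`.
      # (?i) ignores case; (?s) lets `.` span newlines in multi-line SQL.
      # Limitation: this only fires when the SQL text is visible to Semgrep
      # (a literal or a propagated constant). SQL assembled at runtime is
      # not covered; rely on database audit logging and a least-privilege
      # application account for that case.
      - metavariable-regex:
          metavariable: $Q
          regex: '(?is).*\b(CREATE\s+USER|GRANT|ALTER\s+USER|SET\s+PASSWORD)\b'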