fix(security): prevent arbitrary file write in SQL editor (CVE-2024-10835)

fix(security): prevent arbitrary file write in SQL editor (CVE-2024-10835) #2597