On Thu, 2006-06-15 at 15:01 -0500, Jim Nasby wrote: > On Jun 15, 2006, at 1:20 PM, Geo Carncross wrote: > > This might actually be easier- All three supported databases (in a > > way) > > support a concept of access controls. With MySQL and Pg, each > > "mailbox" > > could be given a separate table (unless per-row grant rights are > > possible), and then it'd be the SQL servers' job. Something they've > > already got to spend a lot of effort into. > > At best that only limits the amount of damage an injection attack can > do. If you want to protect against injection attacks, the only > logical way to do it is to use bound parameters.
The thing is it limits the amount of damage to the amount of damage that could be caused anyway: What really is the difference between DELETE FROM dbmail_physblah; and A01 DELETE INBOX > That doesn't mean that using appropriate database security isn't a > good thing... it is. Unfortunately, at the moment, I don't know of any SQL engine that supports row-based security except (maybe) SQLite... and as I already mentioned SQLite can't be trusted because it's in-core. -- Internet Connection High Quality Web Hosting http://www.internetconnection.net/
