Dear Paul,

> Agreed. Though I think this might be remedied (at least partially) by
> putting a proxy in front of dbmail, and running dbmail as a
> non-privileged user on a high port. (Again, running dbmail on a
> dedicated VPS or container).
> 
> Using a proxy would make it *much* harder to break into the dbmail host,
> I suspect. But if you gain shell on the proxy, you can use that to break
> into dbmail. It's not inconceivable, so let's assume it's possible.

LXC is getting better every day.

> That would add only one additional layer. First you'd have to break the
> proxy, next the dbmail host, and lastly the postgresql host.

Indeed, the security layer should be in the database (i.e. schema), as
close as possible to where the data is stored.

This reduces the space for any attack to a minimum. If you add more
security layers like LXC or proxies, you probably widen the attack
space. LXC or a proxy will not stop an attacker from doing SQL
injections.

> It looks like it. With MariaDB there is some hope for full SQL-99
> compliance, but I'm not holding my breath.

SQL 99 was 15 years ago, so we can count on schemas getting mature
and NOT being a fancy. So let's use them if MariaDB supports them.

It does, here it is:
https://mariadb.com/kb/en/create-schema-statement/

I will set up a testing host and enquire what needs to be done. The
beauty of Schemas is that VERY LITTLE coding is required. We only need a
schema name and table prefix. I think less than 500 lines of source code
are needed, not more. 

The most difficult part is migrating the existing user base and changing
the delivery mechanism to handle CCs and BCs in separate mailboxes
without introducing new bugs.

Schemas could also be used to improve some kind of legal backup
mechanism. In most countries, like the US and EU, mail has to be kept
untouched for a legal period of time. Using schema "foo" (R/W/D rights) and
"foo_backup" (read-only) would improve DBmail. Depending on settings,
this would also allow users to retrieve old mail, but without any
possibility for modification. Simple and powerful.

Kind regards,
Kellogs

_______________________________________________
Dbmail-dev mailing list
Dbmail-dev@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
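
The "foo" / "foo_backup" split described in the message above, sketched as MariaDB statements. This is an added example, not part of the original message or of DBMail's code; the account names, the separate `mail_archiver` account, the simplified `messages` table and the placeholder passwords are all assumptions made for illustration. In MariaDB, CREATE SCHEMA is a synonym for CREATE DATABASE, so the privileges are granted per database.

```sql
-- Hypothetical layout: one live schema and one archive schema for mail user "foo".
CREATE SCHEMA IF NOT EXISTS foo;
CREATE SCHEMA IF NOT EXISTS foo_backup;

-- Simplified message table (assumed columns, not DBMail's real table layout).
CREATE TABLE IF NOT EXISTS foo.messages (
    id       BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
    mailbox  VARCHAR(255)    NOT NULL,
    received DATETIME        NOT NULL,
    raw      LONGBLOB        NOT NULL
);
CREATE TABLE IF NOT EXISTS foo_backup.messages LIKE foo.messages;

-- Assumed accounts; replace the placeholder passwords.
CREATE USER IF NOT EXISTS 'foo'@'localhost' IDENTIFIED BY 'CHANGE_ME_1';
CREATE USER IF NOT EXISTS 'mail_archiver'@'localhost' IDENTIFIED BY 'CHANGE_ME_2';

-- Live schema: read, write and delete for the mailbox owner.
GRANT SELECT, INSERT, UPDATE, DELETE ON foo.* TO 'foo'@'localhost';

-- Archive schema: the owner can read old mail but holds no write privilege.
GRANT SELECT ON foo_backup.* TO 'foo'@'localhost';

-- Assumption: a separate archiver account copies mail into the archive.
-- It may append to the archive but has no UPDATE or DELETE there.
GRANT SELECT ON foo.*        TO 'mail_archiver'@'localhost';
GRANT INSERT ON foo_backup.* TO 'mail_archiver'@'localhost';

-- Review what each account actually holds.
SHOW GRANTS FOR 'foo'@'localhost';
SHOW GRANTS FOR 'mail_archiver'@'localhost';

-- Statements the grants above do not cover for 'foo', so the server
-- refuses them even if they arrive through an injected query:
--   DELETE FROM foo_backup.messages WHERE id = 1;     -- no DELETE on the archive
--   UPDATE foo_backup.messages SET raw = '' WHERE 1;  -- no UPDATE on the archive
--   SELECT * FROM bar.messages;                       -- no privilege on another user's schema
```

Because no account in this sketch holds UPDATE or DELETE on `foo_backup`, tampering with archived mail would require a more privileged database account than the ones the mail service connects with.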
