On 02-06-14 15:07, Jean-Michel Pouré - GOOZE wrote: > LXC is getting better every day.
Yep, I'm all into docker these days. > This reduces the space for any attack to a minimum. If you add more > security layers like LXC or proxies, you probably widen the attack > space. LXC or a proxy will not stop an attacker from doing SQL > injections. I tend to disagree there. You need to trigger a buffer-overflow or something similar to trigger a SQL injection. Is that possible when there's a proxy in front? You'd have to break the proxy first, I think. > It does, here it is: > https://mariadb.com/kb/en/create-schema-statement/ That page had me hoping for the same. But the disclaimer at the top clearly states that this is about sql-99, not about mariadb. I checked on my own mariadb installation, and it doesn't support create schema, afaict. > Schema could also be used to improve some kind of legal backup > mechanism. In most countries like US and EU, mail has to be kept > untouched during a legal time. Using schema "foo" (R/W/D rights) and > "foo_backup" (Read-only) would improve DBmail. Depending on settings, > this would also allow users to retrieve old mail, but without any > possibility for modification. Simple and powerful. People use dbmail for similar setups but doing a global BCC to a dbmail setup that doesn't provide client access. -- ________________________________________________________________ Paul J Stevens pjstevns @ gmail, twitter, github, linkedin www.nfg.nl/[email protected]/+31.85.877.99.97 _______________________________________________ Dbmail-dev mailing list [email protected] http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
