Differences

This shows you the differences between two versions of the page.

Link to this comparison view

privsep [2012/01/10 22:22]
eddieburke
privsep [2012/02/12 16:33] (current)
are old revision restored, spam removal
Line 15: Line 15:
 ==== What's involved ==== ==== What's involved ====
  
-But it's not really free. DBmail requires a relatively [[http://www.terrabeads.com/t-skirts.aspx|pencil skirt]] large number of changes, and although most of them should be fairly simple, there are a few deep cuts.+But it's not really free. DBmail requires a relatively large number of changes, and although most of them should be fairly simple, there are a few deep cuts.
  
 The biggest change is making one collection of dbmail tables per-user. This is fairly easy to accomplish- simply override the prefix (DBPFX) and have it include the username (i.e. dbmail_physmessage -> dbmail_geocar_physmessage) The biggest change is making one collection of dbmail tables per-user. This is fairly easy to accomplish- simply override the prefix (DBPFX) and have it include the username (i.e. dbmail_physmessage -> dbmail_geocar_physmessage)
Line 23: Line 23:
 The login procedure would need to perform the database-engine specific login method using the specified username and password. Because this would ordinarily make non-plaintext logins impossible (without database assistance), we'd need a new dbmail_shadow table that would ONLY be accessible in a limited way. This would be called "dbmail-auth" The login procedure would need to perform the database-engine specific login method using the specified username and password. Because this would ordinarily make non-plaintext logins impossible (without database assistance), we'd need a new dbmail_shadow table that would ONLY be accessible in a limited way. This would be called "dbmail-auth"
  
-dbmail-auth would start as a shadow user, and if a dbmail-imapd process logs in correctly, it is given a "real" username and password (or on some platforms, the already [[http://www.gotlandweb.com/t-hotels.aspx|luxury hotels]] logged in database handle via SCM_RIGHTS) that can be used to get access to the real data.+dbmail-auth would start as a shadow user, and if a dbmail-imapd process logs in correctly, it is given a "real" username and password (or on some platforms, the already logged in database handle via SCM_RIGHTS) that can be used to get access to the real data.
  
 dbmail-auth would be very short, and very easy to audit (compared to all of dbmail-proper) dbmail-auth would be very short, and very easy to audit (compared to all of dbmail-proper)
  
-The LIST/NAMESPACE/LSUB routines (and all the mailbox location code) would need to be changed as well, in order to support multi-user access to a shared mailbox (i.e. dbmail_acl). This, unfortunately, would probably be the messiest set of [[http://www.shoppharmacycounter.com/t-dietpillsonline.aspx|diet pills]] changes.+The LIST/NAMESPACE/LSUB routines (and all the mailbox location code) would need to be changed as well, in order to support multi-user access to a shared mailbox (i.e. dbmail_acl). This, unfortunately, would probably be the messiest set of changes.
  
  
Line 35: Line 35:
  
   * dbmail-auth looks in shadow.sqlitedb for authentication, but not mapping   * dbmail-auth looks in shadow.sqlitedb for authentication, but not mapping
-  * dbmail-auth checks the access control table and ATTACHes any user-mailbox.sqlitedb files that are interested (ATTACH makes it possible for a single SQLite session to access multiple databases) [[http://adipexweightlossdiet.com/fastweightloss.html|quick weight loss]]  +  * dbmail-auth checks the access control table and ATTACHes any user-mailbox.sqlitedb files that are interested (ATTACH makes it possible for a single SQLite session to access multiple databases) 
-  * dbmail-imapd runs chrooted in a directory [[http://www.americanhomemoving.com/|moving company]] that doesn't have access to the .sqlitedb files+  * dbmail-imapd runs chrooted in a directory that doesn't have access to the .sqlitedb files
  
  
  
  
-[[http://customcollegeessays.com/index.php|college essay]] 
  
 
privsep.txt · Last modified: 2012/02/12 16:33 by are
 
DBMail is developed by Paul J Stevens together with developers world-wide