[Dovecot] MySQL stored proc authorization
Chaos Engine
haos.engine at gmail.com
Fri Oct 13 23:47:10 UTC 2006
2006/10/14, Timo Sirainen <tss at iki.fi>:
>
> On Sat, 2006-10-14 at 00:08 +0200, Chaos Engine wrote:
>
> > db->client_flags |= CLIENT_MULTI_STATEMENTS;
>
> >
> >
> >
> > Yes, most probably the lack of this CLIENT_MULTI_STATEMENTS flag
> > blocks stored procs (acording to MySQL docs).
> > From my point of view using stored proc is more secure than putting
> > select user, password from user_sensitive_data_table into
> > dovecot-sql.conf, but I'll live with that.
> > You most probably had your reasons, and ultimately I agree -
> > security first ;-)
>
> Now that I think of it, you can actually enable this again. Add to
> connect string in dovecot-sql.conf:
>
> client_flags = 64
>
If all was that simple ... but unfortunatelly that didn't work for me.
I wonder did'nt you mean client_flags = 65536 coz that's what I found in
/usr/include/mysql/mysql_com.h
...
Heh, I've just tried that and it worked :-)
Looks like we can call the issue solved then.
--
Chaos greets U
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://dovecot.org/pipermail/dovecot/attachments/20061014/de3927b3/attachment.html
More information about the dovecot
mailing list