[Dovecot] Dovecot's MySQL authentication driver

Jakob Hirsch jh at plonk.de
Thu Nov 16 00:07:44 UTC 2006


Quoting guard:

> I'm wonderig if dovecot have any mechanism which prevent sql injection?

I didn't check deeper, but there's code which uses mysql's escape
function. Should be even save without that, as long as you are not
messing with auth_username_chars.





More information about the dovecot mailing list