Home | FAQ | Manual | Ezmlm Manual Pages | Qmail Manual Pages | Readme | Upgrade | Downgrade

SQL databases - ezmlm-idx FAQ

Next: , Previous: Sublist security, Up: Ezmlm-idx security


21.16 SQL databases

For SQL-enabled lists, the database contains all list information. Subversion of your database server allows an attacker to add/remove addresses at will. This is also true for normal ezmlm lists. In addition, modification of the ‘*_name’, ‘*_cookie’, and ‘*_mlog’ tables can cause the list to misbehave in a manner that doesn't immediately suggest a security breach. Keep your ezmlm list and database servers secure.