Re: [Exim] Multiple exim daemons

Author: Gary Palmer
Date:  
To: Chris Thompson
CC: exim-users
Subject: Re: [Exim] Multiple exim daemons
On Tue, Aug 14, 2001 at 05:08:59PM +0100, Chris Thompson wrote:
> Philip Hazel <ph10@???> writes:
> >
> > On Tue, 14 Aug 2001, Gary Palmer wrote:
> >
> > > Since the PID and the time are in there, I doubt very VERY much that
> > > the entire PID space can be cycled through in one second. Any other
> > > gotchas I should be aware of? I'm smart enough to only have -q <time>
> > > specified on one of the daemons :)
> >
> > I learned last week that on AIX, PIDs do not cycle. However, it seems
> > that even AIX doesn't re-use the same PID in the same second.
>
> And on any system, AIX or not, there's no guarantee that the pid of an
> Exim process is a just-allocated pid. See the thread "How unique are exim
> queue msg IDs?" from 2000-11-06.


Unless I'm mistaken (which is possible), if there are no shell accounts on
the box then the 'exploit' can't work. Although there are system accounts,
and the obvious cron jobs running, I doubt someone is going to hack onto
these systems just to create dup. message-id's.

One solution to your proposed exploit would seem to be to include the ppid
in the message-id in addition to the pid. That way it becomes a lot
more difficult to exploit wrapping PID space as the parent would have to
be the same.