On 2009-03-27 at 22:01 +0000, Jörg Sommer wrote: > why exim sets the limit for coredumps to 0? If one of the processes
> executed by exim, e.g. procmail, crashes I can't get a coredump. Is there
> an option to tell exim not to do so?
Edit src/deliver.c, search for RLIMIT_CORE, remove the rl.rlim_max = 0;
setting, so that you can wrap procmail in a script which bumps the
rlimit back up to max.
Generally speaking, Exim is taking untrusted content from the outside
world and delivering it to some process; failures in those processes
which result in core-dumps are a DoS vulnerability as you could fill
disk at an attacker's whim, even if the problem is in no other way
exploitable.
