Re: [exim] Exim drops core size

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jörg Sommer
Date:  
À: exim-users
Sujet: Re: [exim] Exim drops core size
Hallo Phil,

Phil Pennock <exim-users@???> wrote:
> On 2009-03-27 at 22:01 +0000, Jörg Sommer wrote:
>> why exim sets the limit for coredumps to 0? If one of the processes
>> executed by exim, e.g. procmail, crashes I can't get a coredump. Is there
>> an option to tell exim not to do so?
>
> Generally speaking, Exim is taking untrusted content from the outside
> world and delivering it to some process; failures in those processes
> which result in core-dumps are a DoS vulnerability as you could fill
> disk at an attacker's whim, even if the problem is in no other way
> exploitable.


Because the core is always dumped to the file core and gets overwritten
by a second dump, I don't see how you will fill up the filesystem. Please
explain.

Bye, Jörg.
--
Treffen sich zwei Funktionen.
Sagt die eine: „Verschwinde oder ich differenzier' dich!“
Erwidert die andere: „Ätsch, ich bin exponentiell!“