Author: Jörg Sommer Date: To: exim-users Subject: Re: [exim] Exim drops core size
Hi Phil,
Phil Pennock <exim-users@???> wrote: > On 2009-03-29 at 20:53 +0000, Jörg Sommer wrote:
>> Phil Pennock <exim-users@???> wrote:
>> > On 2009-03-27 at 22:01 +0000, Jörg Sommer wrote:
>> >> why exim sets the limit for coredumps to 0? If one of the processes
>> >> executed by exim, e.g. procmail, crashes I can't get a coredump. Is there
>> >> an option to tell exim not to do so?
>> >
>> > Generally speaking, Exim is taking untrusted content from the outside
>> > world and delivering it to some process; failures in those processes
>> > which result in core-dumps are a DoS vulnerability as you could fill
>> > disk at an attacker's whim, even if the problem is in no other way
>> > exploitable.
>>
>> Because the core is always dumped to the file core and gets overwritten
>> by a second dump, I don't see how you will fill up the filesystem. Please
>> explain.
>
> Not all systems are like yours. Both Linux and FreeBSD, amongst others,
> allow core-dumps to be named to have things like the pid in the name.
But that's not the default. You have to make this setting.
And why do you expect someone enables core dumps and doesn't care for
them? Why should someone change the name of the core dumps, start exim
with ulimit -c unlimited and doesn't care what happens then?
> Exim plays safe. It doesn't know what the sub-process will be doing, it
> doesn't know where it will be doing it, it sets up as safe an
> environment as possible to limit potential damage. This is sane.
Not in my opinion. I think you try to solve problems they aren't there.
Who starts exim with core dumps enabled and doesn't want them?
Bye, Jörg.
--
Du kannst einem Schwein einen goldenen Ring durch die Nase ziehen,
deswegen bleibt es trozdem ein Schwein!