Re: [exim-dev] Remote root vulnerability in Exim

Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
MStefan Fritsch, mensaje del <-
MSandro Tosi, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: David Woodhouse
Fecha:  
A: Stefan Fritsch
Cc: exim-dev
Asunto: Re: [exim-dev] Remote root vulnerability in Exim
On Sat, 2010-12-11 at 18:12 +0000, Stefan Fritsch wrote:
> > Also, has the FD leak been addressed in an exim bug report at all? It
> > seems like a very sane thing to do also. There's no need for those to be
> > open to a running program.
>
> Maybe all relevant FDs should be marked with FD_CLOEXEC?

They mostly are already. We neglected to do that on the incoming SMTP
socket, for some reason. Fixed in the patch set I posted for review last
night.

--
dwmw2


Este mensaje se envió a las siguientes listas de correo:
Exim-dev
Información de la lista de correo | Mensajes cercanos		<-[exim-dev] [PATCH 6/6] Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.Re: [exim-dev] [PATCH 5/6] Add TRUSTED_CONFIG_PREFIX_FILE option->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)