Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Anonymous Qmail Denial of Service

From: trev () KICS BC CA (Trev)
Date: Mon, 4 Jan 1999 01:36:31 -0800

At 12:04 AM 1/4/99 -0500, Wietse Venema wrote:

<--big snip-->


What happens when the qmail-queue process is signaled with, say,
SIGKILL? The file will stay in the queue. That's a zero-length
file, owned by qmail, without any user identification whatsoever.


<--snip-->


When this sequence is executed a sufficient number of times, the
queue file system runs out of available resources.  No-one can send
mail. No-one can receive mail. And no-one can be held responsible.


<--snip again-->

Pardon my comments here, I am no qmail expert (I don't even run the thing),
but surely you could get around this by applying a small patch to
qmail-queue to look for such zero-length files and remove any that are
found (ie: one of the first things it does).  If the task of searching the
directory upon each invocation seems too much, have it save a reference
marker to another temp file that qmail-queue could then remove when it
exits successfully.  Wouldn't that prevent that particular DoS?

Trev
Previous By Date Next
Previous By Thread Next

Current thread: