Masu binciken tsaro daga Qualys
Matsalar tana faruwa ne ta hanyar ambaliya mai lamba a cikin aikin stralloc_readyplus(), wanda zai iya faruwa yayin sarrafa babban saƙo. Aiki yana buƙatar tsarin 64-bit tare da fiye da 4GB na ƙwaƙwalwar ajiya. Lokacin da aka fara nazarin raunin da ya faru a cikin 2005, Daniel J. Bernstein ya yi jayayya cewa zato a cikin lambar cewa girman girman da aka keɓe yana cikin ƙimar 32-bit ya dogara ne akan gaskiyar cewa babu wanda ke ba da gigabytes na ƙwaƙwalwar ajiya ga kowane tsari. A cikin shekaru 15 da suka gabata, tsarin 64-bit akan sabobin sun maye gurbin tsarin 32-bit, kuma adadin ƙwaƙwalwar da aka kawo da bandwidth na cibiyar sadarwa ya karu sosai.
Masu kula da kunshin qmail sun yi la'akari da bayanin Bernstein kuma sun iyakance adadin ƙwaƙwalwar ajiya lokacin fara aikin qmail-smtpd (misali, a cikin Debian 10 an saita iyaka zuwa 7MB). Amma injiniyoyi daga Qualys sun gano cewa wannan bai isa ba kuma, ban da qmail-smtpd, ana iya kai hari mai nisa akan tsarin qmail-local, wanda ya kasance ba tare da iyakancewa ba a cikin duk fakitin da aka gwada. A matsayin hujja, an shirya samfurin amfani wanda ya dace da kai hari kan kunshin Debian tare da qmail a cikin tsarin da aka saba.
Don tsara aiwatar da aiwatar da lambar nesa yayin harin, uwar garken yana buƙatar 4GB na sarari diski kyauta da 8GB na RAM.
Amfanin yana ba ku damar gudanar da kowane umarni harsashi tare da haƙƙin kowane mai amfani a cikin tsarin, ban da tushen da masu amfani da tsarin waɗanda ba su da nasu kundin adireshi a cikin kundin “/ gida” (an ƙaddamar da tsarin qmail-local tare da haƙƙin mallaka. na mai amfani na gida wanda ake bayarwa).
An kai harin
ta hanyar aika saƙon saƙo mai girman gaske, gami da layukan kai da yawa, masu auna kusan 4GB da 576MB. Sarrafa irin wannan kirtani a cikin qmail-local yana haifar da cikar lambatu yayin ƙoƙarin isar da saƙo ga mai amfani na gida. Matsakaicin adadin lamba sannan yana haifar da ambaliya lokacin yin kwafin bayanai da yuwuwar sake rubuta shafukan ƙwaƙwalwar ajiya tare da lambar libc. Ta hanyar sarrafa shimfidar bayanan da aka watsa, Hakanan yana yiwuwa a sake rubuta adireshin aikin "buɗe ()", maye gurbin shi da adireshin aikin "tsarin ()".
Bayan haka, a cikin aiwatar da kiran qmesearch () a cikin qmail-local, ana buɗe fayil ɗin “.qmail-extension” ta hanyar buɗe () aikin, wanda ke kaiwa ga ainihin aiwatar da aikin.
tsarin ("qmail-extension"). Amma tunda an samar da ɓangaren “tsawo” na fayil ɗin bisa adireshin mai karɓa (misali, “localuser-extension@localdomain”), maharan za su iya shirya umarnin da za a aika ta hanyar tantance mai amfani da “localuser-; order ;@localdomain” a matsayin mai karɓar saƙon.
Yayin binciken lambar, an kuma gano lahani guda biyu a cikin ƙarin facin-tabbatar da qmail, wanda ke cikin kunshin na Debian. Lalacewar farko (
Don magance matsalar, Bernstein ya ba da shawarar gudanar da ayyukan qmail tare da iyakacin iyaka akan ƙwaƙwalwar ajiyar da ke akwai ("softlimit -m12345678"), inda matsalar ke toshe. A matsayin madadin hanyar kariya, iyakance iyakar girman saƙon da aka sarrafa ta hanyar fayil ɗin "control/databytes" kuma an ambaci shi (ba a ƙirƙira shi tare da saitunan tsoho qmail ya kasance mai rauni). Bugu da ƙari, "control/databytes" baya karewa daga hare-haren gida daga masu amfani da tsarin, tun da qmail-smtpd kawai ake la'akari da iyaka.
Matsalar tana shafar kunshin
source: budenet.ru