Remotely exploitable vulnerability in the qmail mail server

Security researchers from Qualys have demonstrated that a vulnerability in the qmail mail server can be exploited. The vulnerability has been known since 2005 (CVE-2005-1513) but remained unpatched because the author of qmail argued that it was unrealistic to create a working exploit that could be used to attack systems in the default configuration. Qualys was able to prepare an exploit that refutes this assumption and allows remote code execution on the server to be triggered by sending a specially crafted message.

The problem is caused by an integer overflow in the stralloc_readyplus() function, which can occur when processing a very large message. Exploitation required a 64-bit system with more than 4GB of virtual memory. When the vulnerability was first analyzed in 2005, Daniel J. Bernstein argued that the assumption in the code that the size of an allocated array always fits within a 32-bit value rests on the fact that nobody gives gigabytes of memory to each process. Over the past 15 years, 64-bit systems have replaced 32-bit systems on servers, and both the amount of memory provided and network bandwidth have grown dramatically.

Maintainers of qmail packages took Bernstein's note into account and limited the available memory when starting the qmail-smtpd process (for example, in Debian 10 the limit is set to 7MB). But the engineers from Qualys found that this is not enough and that, in addition to qmail-smtpd, a remote attack can be carried out against the qmail-local process, which remained unrestricted in all of the packages tested. As proof, an exploit prototype was prepared that is suitable for attacking the Debian package with qmail in the default configuration. To organize remote code execution during an attack, the server needs 4GB of free disk space and 8GB of RAM. The exploit allows any shell commands to be run with the rights of any user in the system, except for root and system users that do not have their own subdirectory in the “/home” directory (the qmail-local process is launched with the rights of the local user to whom delivery is made).

The attack is carried out by sending a very large mail message that includes several header lines, measuring 4GB and 576MB. Processing such a string in qmail-local results in an integer overflow when trying to deliver the message to a local user. The integer overflow then leads to a buffer overflow when copying data and the possibility of overwriting memory pages containing libc code. By manipulating the layout of the transmitted data, it is also possible to rewrite the address of the “open()” function, replacing it with the address of the “system()” function.

Next, in the course of calling qmesearch() in qmail-local, the file “.qmail-extension” is opened through the open() function, which leads to the actual execution of system(".qmail-extension"). But since the “extension” part of the file name is formed from the recipient address (for example, “localuser-extension@localdomain”), attackers can arrange for a command to be passed for execution by specifying the user “localuser-;command;@localdomain” as the message recipient.

During the code analysis, two vulnerabilities were also identified in the additional qmail-verify patch, which is part of the Debian package. The first vulnerability (CVE-2020-3811) allows email address verification to be bypassed, and the second (CVE-2020-3812) leads to a local information leak. In particular, the first vulnerability makes it possible to bypass the validity check of the address used in the exploit to pass a command (the verification does not work for addresses without a domain, such as “localuser-;command;”). The second vulnerability can be used to check for the presence of files and directories on the system, including those accessible only to root (qmail-verify runs with root rights), through a direct call to the local handler.

To work around the problem, Bernstein recommended running qmail processes with a hard limit on available memory (“softlimit -m12345678”), in which case the problem is blocked. As an alternative method of protection, limiting the maximum size of a processed message through the “control/databytes” file is also mentioned (by default it is not created, and with the default settings qmail remains vulnerable). In addition, “control/databytes” does not protect against local attacks from system users, since the limit is only taken into account by qmail-smtpd.

The problem affects the netqmail package, which is included in the Debian repositories. A set of patches has been prepared for this package that eliminates both the old vulnerabilities from 2005 (by adding hard memory limits to the alloc() function code) and the new problems in qmail-verify. Separately, an updated version of the qmail-verify patch has been prepared. The developers of the notqmail branch prepared their own patches to block the old problems, and also began work to eliminate all possible integer overflows in the code.
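
The arithmetic behind the stralloc_readyplus() overflow and the kind of hard limit the patch set adds to alloc(), shown as an added example that is not qmail's or Debian's code. It is a simplified model: the struct, the function names and the 64MiB ceiling are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a growable string: len bytes used, cap bytes allocated.
   All names here are hypothetical; this is not qmail's source. */
struct gstr { uint32_t len; uint32_t cap; };

enum { REJECT = -1, FITS = 0, MUST_GROW = 1 };

/* Ceiling on any single buffer (assumed value for this example). */
#define HARD_LIMIT (64u * 1024u * 1024u)

/* Constructed samples: a string just under 4 GiB, and an ordinary one. */
static const struct gstr SAMPLE_BIG   = { 0xFFFFFF00u, 0xFFFFFF00u };
static const struct gstr SAMPLE_SMALL = { 100u, 128u };

/* Unchecked form: the required size is computed in 32 bits and can wrap,
   so an append to a huge string can look as if it already fits. */
int ready_plus_unchecked(const struct gstr *g, uint32_t extra)
{
    uint32_t need = g->len + extra;              /* wraps modulo 2^32 */
    return need > g->cap ? MUST_GROW : FITS;
}

/* Hardened form: detect the wrap before adding, then enforce the ceiling. */
int ready_plus_checked(const struct gstr *g, uint32_t extra)
{
    uint32_t need;
    if (extra > UINT32_MAX - g->len) return REJECT;  /* sum would wrap */
    need = g->len + extra;
    if (need > HARD_LIMIT) return REJECT;            /* oversized data */
    return need > g->cap ? MUST_GROW : FITS;
}

int main(void)
{
    /* 0xFFFFFF00 + 0x200 wraps to 0x100, which is below the capacity. */
    printf("unchecked, big:   %d\n", ready_plus_unchecked(&SAMPLE_BIG, 0x200u));
    printf("checked,   big:   %d\n", ready_plus_checked(&SAMPLE_BIG, 0x200u));
    printf("checked,   small: %d\n", ready_plus_checked(&SAMPLE_SMALL, 64u));
    return 0;
}
```

The unchecked form reports that the data fits, so a caller that copies next would write past the allocation; the checked form refuses the request before any copy happens.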

Source: opennet.ru
