Abacwaningi bezokuphepha abavela e-Qualys
Inkinga ibangelwa ukuchichima okuphelele emsebenzini we-stralloc_readyplus(), okungenzeka uma kucutshungulwa umlayezo omkhulu kakhulu. Ukusebenza bekudinga isistimu engu-64-bit enememori ebonakalayo engaphezu kuka-4GB. Lapho ubungozi buhlaziywa ekuqaleni ngo-2005, u-Daniel J. Bernstein waphikisa ngokuthi ukuqagela kukhodi ukuthi usayizi wamalungu afanayo abelwe uhlale ungaphakathi kwevelu engu-32-bit usekelwe eqinisweni lokuthi akekho ohlinzeka ngamagigabhayithi enkumbulo kunqubo ngayinye. Eminyakeni engu-15 edlule, amasistimu angama-64-bit kumaseva athathe indawo yezinhlelo ze-32-bit, futhi inani lememori enikeziwe kanye nomkhawulokudonsa wenethiwekhi liye landa kakhulu.
Abanakekeli bephakheji le-qmail bacabangele inothi lika-Bernstein futhi bakhawulela inkumbulo etholakalayo lapho beqala inqubo ye-qmail-smtpd (isibonelo, ku-Debian 10 umkhawulo usethelwe ku-7MB). Kodwa onjiniyela abavela e-Qualys bathola ukuthi lokhu akwanele futhi, ngaphezu kwe-qmail-smtpd, ukuhlasela okukude kungenziwa kunqubo ye-qmail-yasendaweni, ehlale inganqunyelwe kuwo wonke amaphakheji ahloliwe. Njengobufakazi, i-prototype yokuxhaphaza yalungiswa eyayifanele ukuhlasela iphakheji ye-Debian nge-qmail ekucushweni okuzenzakalelayo.
Ukuze uhlele ukusetshenziswa kwekhodi yesilawuli kude ngesikhathi sokuhlasela, iseva idinga u-4GB wesikhala samahhala sediski kanye no-8GB we-RAM.
Ukuxhashazwa kukuvumela ukuthi usebenzise noma yimiphi imiyalo yegobolondo enamalungelo anoma yimuphi umsebenzisi ohlelweni, ngaphandle kwabasebenzisi bempande nesistimu abangenalo olwabo uhla lwemibhalo “/ekhaya” (inqubo ye-qmail-yasendaweni yethulwa ngamalungelo yomsebenzisi wendawo okulethwa kuye).
Ukuhlasela kuyenziwa
ngokuthumela umlayezo wemeyili omkhulu kakhulu, ohlanganisa imigqa kanhlokweni eminingana, ekala u-4GB no-576MB. Ukucubungula uchungechunge olunjalo kumiphumela ye-qmail-yasendaweni ekuchichimeni okuphelele lapho uzama ukuletha umlayezo kumsebenzisi wendawo. Ukuchichima okuphelele kube sekuholela ekuchichimeni kwebhafa lapho ukopisha idatha kanye nethuba lokubhala phezu kwamakhasi ememori ngekhodi ye-libc. Ngokukhohlisa ukwakheka kwedatha edlulisiwe, kuyenzeka futhi ukuthi ubhale kabusha ikheli lomsebenzi othi "vula()", esikhundleni salo ngekheli lomsebenzi "wesistimu()".
Okulandelayo, kwinqubo yokubiza qmesearch() ku-qmail-local, ifayela elithi “.qmail-extension” livulwa ngomsebenzi ovulekile (), oholela ekwenzeni kwangempela komsebenzi.
system(".qmail-extension"). Kodwa njengoba ingxenye yefayela “yesandiso” yenziwe ngokusekelwe ekhelini lomamukeli (ngokwesibonelo, “localuser-extension@localdomain”), abahlaseli bangahlela ukuthi umyalo uthunyelwe ukuze uqalise ngokucacisa umsebenzisi “localuser-;command. ;@localdomain” njengomamukeli womlayezo.
Ngesikhathi sokuhlaziywa kwekhodi, ubungozi obubili buphinde bakhonjwa esiqeshini esengeziwe sokuqinisekisa i-qmail, okuyingxenye yephakheji ye-Debian. Ukuba sengozini kokuqala (
Ukuze kuxazululwe inkinga, uBernstein uncome ukusebenzisa izinqubo ze-qmail ezinomkhawulo ophelele kumemori etholakalayo (“softlimit -m12345678”), lapho inkinga ivinjwa khona. Njengenye indlela yokuvikela, ukukhawulela usayizi omkhulu womlayezo ocutshunguliwe ngefayela elithi “control/databytes” kuyashiwo (ngokuzenzakalelayo akwenziwa ngezilungiselelo ezizenzakalelayo i-qmail ihlala isengozini). Ukwengeza, "control/databytes" akuvikeli ekuhlaselweni kwendawo kusuka kubasebenzisi besistimu, njengoba umkhawulo ubhekwa kuphela yi-qmail-smtpd.
Inkinga ithinta iphakheji
Source: opennet.ru