oss-sec mailing list archives
Re: Short notes on qmail security guarantee
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Fri, 22 May 2020 05:54:43 -0700
djb's main argument is that nobody gives a lot of memory to qmail-smtpd (and as djb might missed to all other qmail- components).

The Qualys advisory quotes DJB saying "I run each qmail service under softlimit -m12345678", so apparently he did not miss that for his own use. The issue is what recommendation was (not) provided publicly.
I think that's an extremely charitable way of looking at it; it's perfectly OK to develop software where the security properties of the code hinge on some non-standard constraints, but then it's affirmatively on the developer to confirm at runtime that these constraints are in place. I.e., setrlimit() or test and abort... Otherwise, you really don't get to blame others, whether there is a cautionary footnote on page 15 of the README or not.

/mz
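The "setrlimit() or test and abort" startup check mentioned in the message, as an added example that is not part of the original post and is not qmail code. It assumes RLIMIT_AS is the limit to enforce and reuses the byte count quoted in the thread; all function names are hypothetical.

```c
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed cap for this example: the byte count quoted in the thread. */
#define MEM_CAP_BYTES ((rlim_t)12345678)

/* Test: is the inherited soft limit already finite and within the cap? */
int limit_is_sufficient(const struct rlimit *rl, rlim_t cap)
{
    return rl->rlim_cur != RLIM_INFINITY && rl->rlim_cur <= cap;
}

/* Set if needed, then re-read: returns 0 only if the cap is confirmed in place. */
int enforce_memory_cap(rlim_t cap)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_AS, &rl) != 0)
        return -1;
    if (!limit_is_sufficient(&rl, cap)) {
        /* Lower soft and hard limits together so the cap cannot be raised again. */
        rl.rlim_cur = rl.rlim_max = cap;
        if (setrlimit(RLIMIT_AS, &rl) != 0)
            return -1;
    }
    if (getrlimit(RLIMIT_AS, &rl) != 0 || !limit_is_sufficient(&rl, cap))
        return -1;
    return 0;
}

/* Runs the check in a forked child so the caller's own limits stay untouched. */
int cap_holds_in_child(rlim_t cap)
{
    int status;
    pid_t pid = fork();
    if (pid == 0)
        _exit(enforce_memory_cap(cap) == 0 ? 0 : 1);
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    if (enforce_memory_cap(MEM_CAP_BYTES) != 0)
        return EXIT_FAILURE; /* abort before any service code runs */
    return 0;                /* service code would start here */
}
```

A limit that is already tighter than the cap is left alone, so the check composes with an external wrapper such as softlimit instead of overriding it.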