OT: question on setting up an email server




Feizhou wrote:
> Ooh, I am so worried.
> 
> My 16GB RAM server runs qmail-smtpd with no memory limits out of inetd 
> on a FreeBSD 5.0 box on Opteron hardware and now I am vulnerable.
> 
> The 'exploit' might be possible IF you explicitly give the qmail-smtpd 
> process unlimited memory and you have more than 4GB RAM available and 
> you also run on an Opteron with FreeBSD 5.0.

People do stupid things from time to time.  And people also make stupid 
typos in config files from time to time.  Esp. if they are newbies.  So 
yes, some newbie that has an oversized machine could give qmail-smtpd 
unlimited memory (or simply too much memory).

Blindly assuming something fits into 32 bits and not doing checks is a 
bug.  It might be a theoretical bug that will not manifest itself in 
normal, standard or whatever you want to call them configurations, but 
it is still a bug.  Qmail should either check its memory limit and refuse to run 
if it was given too much (so that things do not fit into 32 bits 
anymore), or it should do proper checks and/or use proper types to 
prevent overflows.

After all, there's that famous quote from Bill Gates: "640K ought to be
enough for anybody".  Who knows, maybe one day we'll be quoting the qmail 
author instead: "32 bits ought to be enough for anybody".
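
The two remedies named in the message above, as an added C example that is not part of the original message and is not qmail's code: a startup check that refuses a memory limit too large for 32-bit counters, and a checked length addition in place of a wrapping one. The `struct buf` type, all function names, the use of `RLIMIT_DATA` and the exit code 111 are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>

/* Hypothetical growable buffer with 32-bit counters (not qmail's code). */
struct buf { char *data; uint32_t len, cap; };

/* Remedy 1: refuse to run unless the soft memory limit fits in 32 bits. */
int limit_fits_32bit(rlim_t soft) {
    return soft != RLIM_INFINITY && soft <= (rlim_t)UINT32_MAX;
}

/* The bug class: the sum wraps modulo 2^32, so a huge total looks small. */
uint32_t needed_unchecked(uint32_t len, uint32_t add) {
    return len + add;
}

/* Remedy 2: checked sum; returns 0 when len + add does not fit in 32 bits. */
int needed_checked(uint32_t len, size_t add, uint32_t *out) {
    if (add > (size_t)(UINT32_MAX - len)) return 0;
    *out = len + (uint32_t)add;
    return 1;
}

/* Append n bytes; returns 0 on overflow or allocation failure. */
int buf_append(struct buf *b, const void *src, size_t n) {
    uint32_t need, newcap;
    if (!needed_checked(b->len, n, &need)) return 0;
    if (n == 0) return 1;
    if (need > b->cap) {
        newcap = b->cap ? b->cap : 64;
        while (newcap < need)
            newcap = (newcap > UINT32_MAX / 2) ? need : newcap * 2;
        char *p = realloc(b->data, newcap);
        if (!p) return 0;
        b->data = p;
        b->cap = newcap;
    }
    memcpy(b->data + b->len, src, n);
    b->len = need;
    return 1;
}

int main(void) {
    struct rlimit rl;
    struct buf b = {0};
    if (getrlimit(RLIMIT_DATA, &rl) != 0 || !limit_fits_32bit(rl.rlim_cur))
        return 111; /* constructed exit code: limit missing or too large */
    int ok = buf_append(&b, "hello", 5);
    free(b.data);
    return ok ? 0 : 1;
}
```

Run without a data-segment limit, the program exits with 111 instead of proceeding, which is the "refuse to run" behaviour the message asks for.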
