At 12:04 AM 1/4/99 -0500, Wietse Venema wrote: <--big snip--> >What happens when the qmail-queue process is signaled with, say, >SIGKILL? The file will stay in the queue. That's a zero-length >file, owned by qmail, without any user identification whatsoever. <--snip--> >When this sequence is executed a sufficient number of times, the >queue file system runs out of available resources. No-one can send >mail. No-one can receive mail. And no-one can be held responsible. <--snip again--> Pardon my comments here, I am no qmail expert (I don't even run the thing), but surely you could get around this by applying a small patch to qmail-queue to look for such zero-length files and remove any that are found (ie: one of the first things it does). If the task of searching the directory upon each invocation seems too much, have it save a reference marker to another temp file that qmail-queue could then remove when it exits successfully. Wouldn't that prevent that particular DoS? Trev
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:13 PDT