http://bugzilla.spamassassin.org/show_bug.cgi?id=3652
Summary: [RFE] spamd children should terminate after some timeout
limit
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: enhancement
Priority: P5
Component: spamc/spamd
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
There's been some discussion that we should take a belt and suspenders (a.k.a.
belt and braces in proper English) approach to prevent a bug from causing a DoS
on spamd by setting some timeout limit on spamd child processes.
I'm opening this ticket so we have a place to discuss this and don't forget
about it. The idea is that even if a bug slips through, until it is fixed it
could be exploited to cause a FN but not a DoS.
Note that this issue is for one type of preventative measure that can be taken
to harden security and not about existing security vulnerabilities.
It seems that we could put a SIGALRM handler in the children, but does that work
given that we use SIGALRM for razor, dcc, and pyzor processing in DNS.PM as well
as in SPF and flock?
I've given up on being able to wrap the timer around individual rule or even
message processing in SpamAssassin itself because of quirks in perl signal
handling across versions of perl and across platforms. Putting it at the level
of spamd child processes would take care of production environments. The
solution here could serve as a template for other programs such as MIMEDefang
that use SpamAssassin objects directly.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
