OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Bug/feature in alias handling
From: Wietse Venema (wietseporcupine.org)
Date: Mon Mar 13 2000 - 17:04:31 CST

Postfix implements line length limits in order to protect itself
against run-away conditions due to unreasonable inputs.

I consider 2kbyte lines in :include: files not reasonable.

In the case of unreasonable inputs, Postfix does not have to bend
over backwards in order to please the world.

        Wietse

Tim Bell:
> We have some aliases which are defined like this:
>
> group: :include:/etc/mail/lists/group
>
> and then the file /etc/mail/lists/group contains a comma-separated list
> of logins, all on one line, e.g.:
>
> auser,buser,cuser,duser,root
>
> Recently we discovered that some mail to one of these lists had been
> sent to the unknown users "ro" and "ot". It turns out that the line in
> the included file had grown quite large; the first "o" of "root" was
> the 2048th character, and the second "o" was the 2049th. I'm assuming
> the line was split because of maximum line buffer considerations.
>
> The bug as I see it is not necessarily the splitting of the line in the
> middle of a username, although that could potentially lead to mail
> misdirection. If there had been some warning, ideally to stderr when I
> run newaliases (postalias), or to syslog, then the problem could be
> fixed before any mail is sent to that alias.
>
> I have fixed the silly long lines in our lists which led to the problem,
> but I think the addition of a suitable warning in postfix would also
> be useful.
>
> Regards,
>
> Tim.
> --
> Tim Bell - bhattrinity.unimelb.edu.au - System Administrator & Programmer
> Trinity College, Royal Parade, Parkville, Victoria, 3052, Australia
>
>
>
>