Summary: | cyrus-imapd: deliver segfaults | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Karsten Becker <karstenrbecker> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | RESOLVED CANTFIX | ||
Severity: | major | CC: | azarah, langthang, pageexec |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | My kernel config. |
Description
Karsten Becker
2006-04-23 23:55:57 UTC
Created attachment 85333 [details]
My kernel config.
Attached my kernel config with the kernel-side settings of grsec and pax.
Pretty much same system/setup, just do not have USE=hardened (although hardened kernel). Also have deliver segfaulting, this in main.cf works though for those that might not be able to wait: ----- mailbox_transport = lmtp:unix:/var/imap/socket/lmtp ----- (In reply to comment #2) > Pretty much same system/setup, just do not have USE=hardened (although hardened > kernel). Also have deliver segfaulting, this in main.cf works though for those > that might not be able to wait: > > ----- > mailbox_transport = lmtp:unix:/var/imap/socket/lmtp > ----- > Martin, and this is an AMD64 too? Well, I have news. I got it working with disabling prelinking on the system. How I got the idea: After a re-emerge of cyrus-imap and postfix it worked for a day. After the first day it crashed again. I got a daily cron running doing a "prelink -afmR", so I turned that off. And voila, since then it works. No more crashes. That seemed to be the trick for my system. Regards Karsten Last time I checked, prelink wasn't playing nice with hardened systems (although it should play together). On a PaX-enabled kernel, prelink data is ignored. So running prelink on such a systems is a waste of time, anyway :) Having said that, I don't see how prelinking it should cause it to segfault. Does cyrus imap really require all the PaX controls to be relaxed, or did you do that just for testing? If it really does, I'd suggest using a different imap server... (In reply to comment #1) > Created an attachment (id=85333) [edit] > My kernel config. > > Attached my kernel config with the kernel-side settings of grsec and pax. you have CONFIG_PAX_HAVE_ACL_FLAGS=y which means that paxctl may not matter at all as the ACL system of your choice (probably grsec) has the final say over the per-process PaX flags. next, since it's a reproducible crash, you should get a coredump, or even better, run the failing command from within gdb itself and post some info like 'bt', 'x/8i $pc', 'i r', etc when the segfault occurs. based on the provided logs so far, it looks like some NULL deref, but we can't tell more until you can provide the gdb info. i'd also like to see an ldd on the crashing binary. also, you could leave prelink enabled but disable randomization (echo 0 > /proc/sys/kernel/randomize_va_space) and see if that still fails (and if it does, provide the same info from gdb). Well, due to the fact that it's year 2007 now and one year after my opening, the setup is stable and productive in the meantime. So I can't give you the info's needed because I cannot set up a crashing IMAP on a productive system. My boss would kill me... |