This one time, at band camp, Jefferson Cowart said:
> As this bug can lead to a DOS condition I'm tagging it as a security
> bug. (I got bit by this one this morning when this bug was created
> with the bad message attached.)

I am not sure that's entirely appropriate - it does make the MTA 4xx incoming messages if you run out of $TMP space, but it doesn't create an outright DoS - clamd still runs and processes new requests. It will also significantly add to system load, but it is not enough (at least here, with a relatively weak machine) to kill it.

Essentially all it really does is make one thread of the scanner work unnecessarily hard, for an unnecessary amount of time (it does seem to eventually finish, BTW - it just takes way longer than a reasonable SMTP exchange could be expected to wait).

I am not going to argue, though, as I feel it's more important to fix it than to waste time debating semantics :)

-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                       [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------