IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Suggestions Forum / In the meantime...
Post #238,444
by admin
Picture of admin
12/17/05 6:23:32 PM
Reply
New In the meantime...
Can spamd be run as a user with ulimited resources?
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
Post #238,487
by folkert
Picture of folkert
12/18/05 6:18:44 PM
12/18/05 6:18:55 PM
Reply
New It already is being limited. (And problems fixed)
to 5 child pids.

The real problems is the direct calling of exim with the alias "sendmail" from the exploit.

Oh, btw we are upto date on TWiki patches, we only had 3 out of 7 applied.

7 out of 7 applied at this point.

It also appears that this fixes the twiki "arbitrary execution with revision" hole/exploit.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
Expand Edited by folkert Dec. 18, 2005, 06:18:55 PM EST
Expand All History
Post #238,496
by Another Scott
12/18/05 7:24:48 PM
Reply
New Thankee sai.
     Z's *really* sluggish for me - elsewhere's OK. Something up? -NT - (Another Scott) - (22) - Dec. 15, 2005, 04:59:55 PM EST
         Ditto here. -NT - (a6l6e6x) - (3) - Dec. 15, 2005, 05:09:12 PM EST
             That...makes...three...of...us......... -NT - (jb4) - (2) - Dec. 15, 2005, 05:40:28 PM EST
                 Everything is sluggish for me - (bepatient) - (1) - Dec. 15, 2005, 06:05:52 PM EST
                     Yup, even my RFC-1149g pigeons have slack-wing today :( -NT - (Ashton) - Dec. 15, 2005, 06:22:56 PM EST
         nailed by spamd - (Yendor) - (17) - Dec. 15, 2005, 05:58:21 PM EST
             ouch. - (Steve Lowe) - Dec. 15, 2005, 07:25:53 PM EST
             virilent Sobor making the rounds, hotmail on its knees -NT - (boxley) - Dec. 15, 2005, 10:24:44 PM EST
             Could bird flu be mutated Windoze? - (Ashton) - Dec. 16, 2005, 12:14:50 AM EST
             There is an undiscovered by me... - (folkert) - (13) - Dec. 16, 2005, 11:30:16 PM EST
                 can you post/send associated data of a "sent" email please? -NT - (boxley) - (2) - Dec. 16, 2005, 11:32:00 PM EST
                     Maybe tomorrow. -NT - (folkert) - (1) - Dec. 16, 2005, 11:44:33 PM EST
                         we are seeing a large push of stuff at the moment - (boxley) - Dec. 17, 2005, 12:17:58 AM EST
                 That explains my apache error log. - (static) - (6) - Dec. 17, 2005, 07:05:56 AM EST
                     Re: That explains my apache error log. - (Yendor) - (5) - Dec. 17, 2005, 11:03:49 AM EST
                         probably a script trying the following - (boxley) - (3) - Dec. 17, 2005, 07:01:10 PM EST
                             Well, whatever the reason... - (admin) - (2) - Dec. 17, 2005, 07:03:01 PM EST
                                 turn off sendmail and spamd till issue found -NT - (boxley) - Dec. 17, 2005, 08:07:59 PM EST
                                 It is not spamd with 7K pids. - (folkert) - Dec. 18, 2005, 06:15:32 PM EST
                         That has a familiar look. - (static) - Dec. 18, 2005, 07:02:55 PM EST
                 In the meantime... - (admin) - (2) - Dec. 17, 2005, 06:23:32 PM EST
                     It already is being limited. (And problems fixed) - (folkert) - (1) - Dec. 18, 2005, 06:18:55 PM EST
                         Thankee sai. -NT - (Another Scott) - Dec. 18, 2005, 07:24:48 PM EST

Well, I should say!
47 ms