Closed Bug 331309 Opened 19 years ago Closed 19 years ago

Bonsai sends email in an unreliable way

Categories

(Webtools Graveyard :: Bonsai, defect)

x86
Linux
defect
Not set
major

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: dbaron, Assigned: bear)

References

Details

Attachments

(1 file)

This is a problem that we've known about for a while, but I can't find a bug on it (should've filed it at the time; perhaps even did), although it's certainly possible that there is and I can't see it. The way bonsai sends email is not reliable -- the code in dolog.pl connects to port 25. Typical sendmail behavior is to stop listening when load on the machine gets too high -- this happened quite often back when we had lots of other things on the same machine as the mozilla.org webtree bonsai instance. When this happens, the committer simply sees the error message in dolog.pl (alerting him to the fact that the commit was not logged to bonsai). A malicious person with commit access could use this to sneak in checkins unobserved, especially with a mailbomb or other attack to raise the load on the server and create such a condition. I consider this a security hole given how much we rely on bonsai to monitor checkins. This code should be rewritten to use the local mail spool instead of connecting directly to port 25.
I filed bug 331310 on the cvsmailfilter.pl script that our cvs server uses, which has the code from dolog.pl copied into it.
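The two submission paths discussed in this bug (dolog.pl's direct connection to port 25 versus handing the message to the local mail spool), plus the chroot case raised at the end where no sendmail binary is available, as an added Perl example. This is not Bonsai's dolog.pl and not the patch attached here; send_notification, $spool_dir and the BONSAI_MAILHOST / BONSAI_SPOOL environment variables are illustrative names, and the paths under /usr/sbin and /usr/lib are assumed locations of the MTA's submission binary. The design point is that a notification which cannot be delivered is queued on disk and reported, never dropped:

```perl
#!/usr/bin/perl
# Added example, not Bonsai code: queue-first mail submission for a commit hook.
use strict;
use warnings;
use Net::SMTP;
use File::Spec;
use File::Temp qw(tempfile);

# Optional SMTP relay (the $mailhost option). Leave empty to prefer the local
# MTA's submission binary, which queues on disk and needs no listening port 25.
my $mailhost  = $ENV{BONSAI_MAILHOST} || '';
# Assumed fallback spool location; must be writable by the hook's user only.
my $spool_dir = $ENV{BONSAI_SPOOL}
             || File::Spec->catdir(File::Spec->tmpdir, 'bonsai-mail');
# Assumed locations of the MTA submission binary; empty inside a chroot jail.
my @sendmail  = grep { -x $_ } ('/usr/sbin/sendmail', '/usr/lib/sendmail');

# Hand the message to the local MTA's queue. Returns 1 on success, 0 otherwise.
sub submit_via_sendmail {
    my ($msg) = @_;
    return 0 unless @sendmail;                    # no binary in the jail
    # -t: take recipients from the headers; -oi: a lone "." does not end input
    open(my $mta, '|-', $sendmail[0], '-oi', '-t') or return 0;
    print {$mta} $msg;
    return close($mta) ? 1 : 0;                   # false if sendmail exited non-zero
}

# Direct SMTP, the original dolog.pl approach: fails outright when the daemon
# stops accepting connections under load. Returns 1 on success, 0 otherwise.
sub submit_via_smtp {
    my ($host, $from, $to, $msg) = @_;
    my $smtp = Net::SMTP->new($host, Timeout => 30) or return 0;
    my $ok = $smtp->mail($from) && $smtp->to(@$to) && $smtp->data($msg);
    $smtp->quit;
    return $ok ? 1 : 0;
}

# Last resort: persist the notification so a later cron pass can resend it.
sub spool_locally {
    my ($msg) = @_;
    -d $spool_dir or mkdir $spool_dir or die "cannot create $spool_dir: $!";
    my ($fh, $path) = tempfile('notify-XXXXXXXX', DIR => $spool_dir, SUFFIX => '.eml');
    print {$fh} $msg;
    close $fh or die "write to $path failed: $!";
    return $path;
}

# Returns how the message left the hook: 'sendmail', 'smtp' or 'spooled:<path>'.
sub send_notification {
    my ($from, $to, $subject, $body) = @_;
    my $msg = "From: $from\nTo: " . join(', ', @$to) . "\nSubject: $subject\n\n$body";
    return 'sendmail' if !$mailhost && submit_via_sendmail($msg);
    return 'smtp'     if  $mailhost && submit_via_smtp($mailhost, $from, $to, $msg);
    my $path = spool_locally($msg);
    warn "mail delivery failed; notification spooled to $path for retry\n";
    return "spooled:$path";
}

# Stand-alone run with placeholder addresses and a constructed log line.
unless (caller) {
    my $how = send_notification('bonsai@example.org', ['cvs-checkins@example.org'],
                                'bonsai checkin notification',
                                "module/file.c 1.23 -> 1.24\n");
    print "delivered via $how\n";
}
```

When the binary is present and $mailhost is unset, the MTA queues the message on disk and the hook never depends on port 25 being open. In the chrooted case described below, SMTP is the only live path, so the on-disk spool and the warning are what keep a refused connection from silently hiding a check-in; the spool directory should be owned by the hook's account, not writable by committers, and drained by a periodic job whose failures are themselves reported.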
Blocks: 331310
No longer blocks: 331310
Blocks: 331310
Yeah, this is bug 26839. But that's not flagged as security, and since you give good ways to kill things in this bug, not sure I should dupe it.
No longer blocks: 331310
Blocks: 331310
changing severity to major so this bubbles to the top of my bonsai todo list
Assignee: tara → bear
Severity: normal → major
Attached patch v1.0
Sometimes you want to avoid using the default mailservers used by the local mailspool, so I left in the option to still use SMTP via $mailhost.
Attachment #227478 - Flags: review?(bear)
Attachment #227478 - Flags: review?(bear) → review+
Checking in webtools/bonsai/dolog.pl;
/cvsroot/mozilla/webtools/bonsai/dolog.pl,v <-- dolog.pl
new revision: 1.24; previous revision: 1.23
done
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
FWIW (I was just pointed at this bug), that got set back to 0 locally when I installed it on the cvs server, because sendmail is not installed inside the chroot jail (and wouldn't be able to access the system-level mail spool if it was). Since we run chrooted, we have no choice but to use SMTP to get the mail out.
Group: webtools-security
Product: Webtools → Webtools Graveyard