[pkg-kolab] Bug#411240: kolab-cyrus-imapd: Corrupt quota files
cause data loss
vorlon at debian.org
Wed Mar 21 10:57:36 CET 2007
severity 411240 important
After a look at the code, I've concluded that this bug does not cause real
data loss: lmtpd checks the user quota when verifying the message recipient,
so this bug should trigger well before any data is accepted for delivery,
and any data loss is the fault of the sending application for not gracefully
handling a delivery failure. It is possible to use the 'ignorequota' option
to override the quota check while verifying the recipient, but even then the
subsequent failure happens before lmtpd acknowledges delivery.
So although this is a bug, given that I also don't see any data path by
which lmtpd would check quotas for users other than the intended recipients
the practical impact of fixing this bug is small: returning a segfault
instead of an error message in the event of a quota error should not
significantly impact the integrity of data on the sender's side.
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
More information about the pkg-kolab-devel