[hylafax-devel] Re: problem to submit a fax request

To: <hylafax-devel@hylafax.org>
Subject: [hylafax-devel] Re: problem to submit a fax request
From: Steve Williams <steve@genie96.com>
Date: Thu, 09 Mar 2000 09:18:00

Hi,

With regards to the error:

$ sendfax -m -n -d555-1212 < /etc/termcap
553 Unable to open sequence number file docq/seqf; File exists.

I took 10 minutes to look into this problem today...

According to both the Linux AND Aix man pages:

The man pages for open ( on AIX & Linux ) both state:

O_EXCL  If the O_EXCL and O_CREAT flags are set, the open is unsuccessful
if the file exists.

Well, I would say that whoever "secured" the code didn't take into 
consideration that file will only be created ONCE, thereafter it will
exist...which cause the open to fail because it's combined with O_CREAT..

As Robert states, the permissions have also been changed from 660 to 600.

Removing the O_EXCL from the code has given me a fully functional hfaxd.

Given that 

a) There is no way the patch could EVER have worked...unless suse doesn't
   handle O_EXCL combined with O_CREAT the same as Redhat ( albiet 4.2 )..

b) There was no due diligence executed, because there are 4 sequence files
   used by HylaFAX, and the patch was only applied to one of the sequence
   files..

-rw-------   1 uucp     60002          5 Mar 08 23:37 /var/spool/fax/docq/seqf
-rw-------   1 uucp     uucp           5 Mar 08 23:37 /var/spool/fax/log/seqf
-rw-------   1 uucp     uucp           3 Mar 05 21:59 /var/spool/fax/recvq/seqf
-rw-------   1 uucp     60002          5 Mar 08 23:37 /var/spool/fax/sendq/seqf

My recommendation is to commit removing the O_EXCL in hfaxd/HylaFAXServer.c++
until such point in time that someone submits viable security patches..
( read... NOT ME )

Let me re-confirm, HylaFAX DOES NOT have the seqf open by multiple processes
( fuser/lsof ) both confirm this.  The problem is with the combination of
O_CREAT and O_EXCL WHEN THE FILE ALREADY EXISTS!!

I'm going to leave the hfaxd running & see how it does production wise 
tomorrow...

Should be interesting...

> 
> At 01:13 AM 3/6/00 +0000, Darren Nickerson wrote:
> 
> >Looks good to me! Can anyone suggest a reason I should not commit this 
> >change? Is this the right way to fix the problem?
> 
> The O_EXCL flag was put in as part of the suse security patches(of which i 
> still have the one on ip source routed packets to commit).  The idea is 
> that if you have to create the file ie O_CREAT you also need exclusive 
> access to it to prevent other people playing stupid games linking the file 
> to something else and you destroying the something else when you write to 
> what you think is the seqf  file.
> 
> The suse patch also changed the privileges to 0600 from 0660 i think.
> 
> ....but obviously this doesnt work, hylafax obviously needs to have 
> multiple processes(perhaps hfaxd and faxq) open the file at the same time 
> or something....the hylafax queueing design is very bad, about the middle 
> of last year i was trying to add job batching but the existing code was so 
> awful i gave up and started planning a rewrite of the whole thing from 
> scratch....unfortunately since work has intervened and i have no free time 
> at all to do this.
> 
> - Robert
> 

-- 
	Steve Williams, Calgary, Alberta, Canada
	Genie Computer Systems Inc.
	steve@genie96.com

"A man doesn't begin to attain wisdom until he recognizes that he is 
 no longer indispensable."
- Admiral Richard E. Byrd ( 1888-1957 )

Prev by Date: [hylafax-devel] Thanks & 2 more patches
Next by Date: Re: [hylafax-devel] Re: Updating 4.1beta2
Prev by thread: [hylafax-devel] Re: problem to submit a fax request
Next by thread: [hylafax-devel] Re: problem to submit a fax request
Index(es):
- Main
- Thread

Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services