Potential replica message file corruption/replacement
David Carter
dpc22 at cam.ac.uk
Fri Feb 16 05:39:30 EST 2007
On Fri, 16 Feb 2007, Bron Gondwana wrote:

> Looks innocent, doesn't it...

Mea culpa (and a definite "Argh, how did I miss _that_" when it was
pointed out to me yesterday).

> I would advise anyone who has been using replication for any length of
> time to undertake an audit of the files on their replicas to ensure that
> none of them have been replaced by this, because if you need to "fail
> over" you could present users with emails that are not their own. A
> simple size check will find almost all cases, compare what the imapd
> returns for rfc822.size with the size of the file on disk. If you want
> to get fancy - compute the sha1 or similar of the file at each end and
> compare that.

This incident underlines the need for automated sanity checks. People
shouldn't just blindly trust the replication system.

I generate (and constantly regenerate) checksums for message bodies and
cache entries. On four occasions this has picked up oddities which in
hindsight were obviously this bug.

--
David Carter Email: David.Carter at ucs.cam.ac.uk
University Computing Service, Phone: (01223) 334502
New Museums Site, Pembroke Street, Fax: (01223) 334679
Cambridge UK. CB2 3QH.
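
The audit described in this thread (size check against rfc822.size, then a sha1 comparison between master and replica), sketched as an added example that is not code from the post or from the Cyrus project. It assumes each message is stored as a "<uid>." file in the mailbox directory and that the rfc822.size values have already been collected from imapd; the function names and sample messages are constructed for illustration.

```python
import hashlib
import os
import re
import tempfile

MSG_FILE = re.compile(r"^(\d+)\.$")  # assumed layout: one "<uid>." file per message

def manifest(mailbox_dir):
    """Map UID -> (size on disk, SHA-1 hex digest) for every message file."""
    out = {}
    for name in os.listdir(mailbox_dir):
        m = MSG_FILE.match(name)
        if not m:
            continue  # skip index, cache and header files
        with open(os.path.join(mailbox_dir, name), "rb") as fh:
            data = fh.read()
        out[int(m.group(1))] = (len(data), hashlib.sha1(data).hexdigest())
    return out

def audit(master, replica, imap_sizes=None):
    """Return (uid, problem) pairs; imap_sizes is {uid: RFC822.SIZE} from imapd."""
    problems = []
    for uid in sorted(set(master) | set(replica)):
        if uid not in replica:
            problems.append((uid, "missing on replica"))
        elif uid not in master:
            problems.append((uid, "extra on replica"))
        elif master[uid][0] != replica[uid][0]:
            problems.append((uid, "size differs from master"))
        elif master[uid][1] != replica[uid][1]:
            problems.append((uid, "same size, sha1 differs"))
        if imap_sizes and uid in replica and imap_sizes.get(uid) != replica[uid][0]:
            problems.append((uid, "rfc822.size != file size"))
    return problems

def demo():
    """Constructed sample: UID 2 replaced by other mail, UID 3 altered at equal size."""
    good = {1: b"Subject: a\r\n\r\nhello\r\n", 2: b"Subject: b\r\n\r\nmine\r\n", 3: b"Subject: c\r\n\r\nAAAA\r\n"}
    bad = {**good, 2: b"Subject: z\r\n\r\nnot this user's mail\r\n", 3: b"Subject: c\r\n\r\nBBBB\r\n"}
    with tempfile.TemporaryDirectory() as m, tempfile.TemporaryDirectory() as r:
        for d, src in ((m, good), (r, bad)):
            for uid, body in src.items():
                with open(os.path.join(d, f"{uid}."), "wb") as fh:
                    fh.write(body)
            open(os.path.join(d, "cyrus.index"), "wb").close()  # must be ignored
        # imap_sizes here stands in for the sizes recorded when the mail was delivered
        return audit(manifest(m), manifest(r), {u: len(b) for u, b in good.items()})

if __name__ == "__main__":
    print(demo())
```

The size check alone flags UID 2 but not UID 3, which is why the digest comparison is worth running as the second pass.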