Potential replica message file corruption/replacement

David Carter dpc22 at cam.ac.uk
Fri Feb 16 05:39:30 EST 2007


On Fri, 16 Feb 2007, Bron Gondwana wrote:

> Looks innocent, doesn't it...

Mea culpa (and a definite "Argh, how did I miss _that_" when it was 
pointed out to me yesterday).

> I would advise anyone who has been using replication for any length of 
> time to undertake an audit of the files on their replicas to ensure that 
> none of them have been replaced by this, because if you need to "fail 
> over" you could present users with emails that are not their own. A 
> simple size check will find almost all cases, compare what the imapd 
> returns for rfc822.size with the size of the file on disk.  If you want 
> to get fancy - compute the sha1 or similar of the file at each end and 
> compare that.

This incident underlines the need for automated sanity checks. People 
shouldn't just blindly trust the replication system.

I generate (and constantly regenerate) checksums for message bodies and 
cache entries. On four occasions this has picked up oddities which in 
hindsight were obviously this bug.

-- 
David Carter                             Email: David.Carter at ucs.cam.ac.uk
University Computing Service,            Phone: (01223) 334502
New Museums Site, Pembroke Street,       Fax:   (01223) 334679
Cambridge UK. CB2 3QH.


More information about the Info-cyrus mailing list