Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

scrottie (4167)

scrottie
  scott@slowass.net
http://slowass.net/

My email address is scott@slowass.net. Spam me harder! *moan*

Journal of scrottie (4167)

Saturday January 14, 2006
04:13 PM

Postfix is a great big pile of stupid crap a

[ #28351 ]

SMTP servers should implement an 'AUTH' command so that clients can
relay mail if they have an account. The AUTH command gives the username
and password slightly hashed, in the simple case. This would probably take a
few dozen lines of C and it's appauling that it isn't built into Postfix.
You can make Postfix an open relay easily enough, but out of concern
for you, they won't let you let users send passwords basically plaintext
and assume you'll heed warnings to make their shell /sbin/nologin if you
do that.

24 hour into reading FAQs that don't work, with documentation in unofficial
looking places that corrects official documentation but contradicts other
unofficial documenation to try to get something stupid to work.

To get the AUTH command, which could decode this base 64 string and
hit getpwent() with the result, you instead have to install hundreds of
thousands of lines of code. Remember that in the absolute best C
code, there's one vulnerability per thousand lines. So I think it's
fair to assume that I have to insert hundreds of vulnerabilities
into my system. Assuming two are patched at once for each patch, that's
at least a hundred times I have to go rebuild.

But that's okay. I love my users. I'm being some kind of retarded
anti-bofh.

But it doesn't work. Following the instructions very carefully --
hundreds of pages worth of them -- I get errors not documented anywhere
that reference configuration parameters not documented anywhere
(and only in Google's database because other users post them asking
for explanation), and the whole thing breaks.

And how could it possibily work? Let's examine for a moment how they've
"architected" this.

Rather than use getpwent() or PAM to do the authentication, or to use
some little hash file in /etc/postfix which would likely result in
people having different passwords for email which is more than fine,
they use what are essentially wrappers around PAM, but the PAM support
is a plugin. And, as everyone knows, all of PAM's authentication
methods are plugins.

So you're using a plugin to Postfix that takes plugins, one of which
is an interface to PAM, and PAM has a plugin that interfaces to
getpwent. Why write a dozen lines of code when you can write a
few hundred thousand? That's three plugins spread across five
libraries and daemons. People wouldn't accept this kind of bullshit
from the inheritance paths in a language's API. If Junka came
out and you had to set up set this up, one line per abstraction,
people would laugh. But do this manually with extreme tedium in
C all of the time.

I'm starting to think that dlopen() and indeed mmap() were bad ideas.
Sun fucked up with shared libraries.

No wonder all of the FAQs give up at some point and say essentially
"oh, heck, for how to configure the X program you need, go read another
FAQ somewhere else that has no idea that anyone would ever want to
use that program for this application and has nothing useful to say
anwyay".

KISS is dead on the road 500 miles behind us, smeared into the crevices
of the concrete, blackened by rubber.

No one who is capable of writing hundreds of thousands of lines of code
should, on any account, be allowed to.