Re: Reducing the attack surface caused by Berkeley DB...
- Date: Fri, 26 Jan 2018 23:48:25 +0100
- From: Lionel Debroux <lionel_debroux@xxxxxxxx>
- Subject: Re: Reducing the attack surface caused by Berkeley DB...
On 1/26/18 7:05 AM, Scott Kitterman wrote:
> On Thursday, January 25, 2018 11:59:06 PM Lionel Debroux wrote:
> > [...]
> > ---
> > Do you think we should start the journey of getting rid of libdb5.3
> > at a wide scale ? And if so, how to optimize resource usage in
> > general ? :)
> > ---
> Ultimately BDB is a dead end for non-AGPL projects. So my answer to
> your first question is a definite yes.
> I'd like to know what the preferred replacement is. I maintain a few
> less heavily used packages that use libdb5.3 and I need to know what
> to tell upstream they should port to. I don't know enough to have a
> real technical opinion. Is lmdb the general solution?
In some (most ?) cases, it would seem so, indeed.
But there's now a wider variety of key/value databases (even those which
don't fork and communicate through *nix or network sockets) than, say, a
decade ago. I remember that several years ago, bitcoind/bitcoin-qt
switched from BDB to LevelDB.
> As far as postfix goes (which I also co-maintain) that is a two
> release cycle project (it's complicated, but upgrades don't work
> otherwise - if anyone cares see what we did for postfix-sqlite. It's
> no problem to switch to a difference default map type, but it'd be
> nice if we could switch it once to something that was otherwise
> already likely to be installed.
liblmdb* or libleveldb* are much less popular in popcon by_inst than
Do we know whether LMDB, and other candidate databases for replacing
BDB, have received suitable hardening against data corruption and fuzzing ?