cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J.Pietschmann" <j3322...@yahoo.de>
Subject Re: XSL Security question
Date Thu, 30 Jan 2003 19:42:50 GMT
Niclas Hedhman wrote:
>>What kind of DoS attacks would you expect?
> 
> 
> If I can upload an XSL, I can have an infinite loop in the XSL, and then issue 
> continous HTTP requests invoking that XSL, effectively eating up both RAM and 
> CPU time.

Also eating up bandwidth, and if the server is hot iron hooked
to a  fat pipe, you can bring down the target end of the URL by
swamping it with requests. Actually, this was the main idea.

J.Pietschmann


---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org


Mime
View raw message