couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <>
Subject Re: Branch to switch from SpiderMonkey to Node.js
Date Mon, 04 Feb 2013 11:18:54 GMT
On Mon, Feb 4, 2013 at 11:59 AM, Klaus Trainer <> wrote:
> On Mon, 2013-02-04 at 11:18 +0100, Benoit Chesneau wrote:
>> DOS has nothing with sandboxing or maybe in a large extent here. Sandboxing
>> in couchjs is about:
>> 1. restrict I/O : no disk or net access from a view
>> 2. make sure that a view function won't leek to another
> One attempt to protect against DOS would be to spawn (sandboxed) worker
> processes, monitor them, and kill them if they misbehave (e.g. time them
> out if they take too much time to process a document). In fact, the
> sandbox npm module ( does something like
> that.
> But you're right. I agree with you that this should be out of scope for
> now, especially in this discussion here.

I think we already prevent such DOS imo with the process execution
timeout. Maybe that need to be improved but this can also be done

- benoit

View raw message