Date: Mon, 4 Feb 2013 12:18:54 +0100
Subject: Re: Branch to switch from SpiderMonkey to Node.js
From: Benoit Chesneau
To: "dev@couchdb.apache.org"

On Mon, Feb 4, 2013 at 11:59 AM, Klaus Trainer wrote:

> On Mon, 2013-02-04 at 11:18 +0100, Benoit Chesneau wrote:
>>
>> DOS has nothing to do with sandboxing or maybe in a large extent here. Sandboxing
>> in couchjs is about:
>>
>> 1. restrict I/O : no disk or net access from a view
>> 2. make sure that a view function won't leak to another
>
> One attempt to protect against DOS would be to spawn (sandboxed) worker
> processes, monitor them, and kill them if they misbehave (e.g. time them
> out if they take too much time to process a document). In fact, the
> sandbox npm module (https://github.com/gf3/sandbox) does something like
> that.
>
> But you're right. I agree with you that this should be out of scope for
> now, especially in this discussion here.
>

I think we already prevent such DOS imo with the process execution timeout.
Maybe that needs to be improved but this can also be done here.

- benoit
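
The worker-with-timeout idea discussed in this thread, as an added example that is not part of the original message and is not code from CouchDB or the sandbox npm module: each map function runs in a fresh Node.js child process that the parent kills once a time limit passes. The names `runMap` and `WORKER`, the result shape and the sample inputs are assumptions made for illustration.

```javascript
const { spawnSync } = require('node:child_process');

// Worker script (hypothetical), run in a separate process via `node -e`.
// It reads {src, doc} from stdin and evaluates the map function in a new
// context that exposes only `emit` and `doc`, so `require` and `process`
// are not in scope for the view code.
// Note: node:vm is documented as not being a security mechanism; real
// disk/net restriction needs OS-level confinement of the child process.
const WORKER = `
const vm = require('node:vm');
const fs = require('node:fs');
const { src, doc } = JSON.parse(fs.readFileSync(0, 'utf8'));
const rows = [];
const ctx = { emit: (k, v) => rows.push([k, v]), doc };
vm.runInNewContext('(' + src + ')(doc)', ctx);
process.stdout.write(JSON.stringify(rows));
`;

// Run one map function against one document in a fresh child process.
// A fresh process per call means state set by one view function cannot
// be seen by the next one.
function runMap(mapSource, doc, timeoutMs) {
  const res = spawnSync(process.execPath, ['-e', WORKER], {
    input: JSON.stringify({ src: mapSource, doc }),
    encoding: 'utf8',
    timeout: timeoutMs,    // parent-side watchdog
    killSignal: 'SIGKILL', // a busy loop cannot ignore this signal
  });
  if (res.error && res.error.code === 'ETIMEDOUT') {
    return { ok: false, reason: 'timeout' };
  }
  if (res.status !== 0) {
    return { ok: false, reason: 'crashed' }; // map function threw
  }
  return { ok: true, rows: JSON.parse(res.stdout) };
}

// Constructed sample inputs: a well-behaved view and one that never returns.
console.log(runMap('function (doc) { emit(doc._id, doc.n * 2); }',
                   { _id: 'a', n: 21 }, 5000));
console.log(runMap('function (doc) { while (true) {} }', {}, 500));
```
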