httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject worth fixing "read headers forever" issue?
Date Thu, 01 Jan 1998 06:04:03 GMT
In PR1028, Dean doesn't really seem to think that one-off fixes for things
like this are the way to go.

I could agree, but don't see anything changing right now.

This particular issue of reading request headers forever is easy to fix;
just add a counter to get_mime_headers that only allows it to read xxx
bytes.  I am thinking it is worth it even though it requires x bytes of
bandwidth to require the server to grow x bytes.

Memory attacks are easier to do some generic limiting on via the pools
mechanism Dean suggests.

CPU or disk eating things are hard to do that way, and I am doubtful that
rlimits can be used usefully.

What would be cool to see (and I would like to play with if I worked at a
large web hosting company...) is changes that make it very difficult for
hits on any one part (be it userdir, virtual domain, etc.) of the docspace
to impact other parts while still using the same pool of servers.


Mime
View raw message