asyncore DoS vulnerability
aspineux
aspineux at gmail.com
Sat Feb 3 19:01:30 EST 2007
On 2 fév, 16:32, "billie" <gne... at gmail.com> wrote:
> >> Why does this exception isn't handled inside asyncore.py?
> > To do what ? To raise a custom asyncore error ?
>
> asyncore aims to be a framework, right?
> I think that when select() limit is reached asyncore should just drop
> other connections. That's all.
Nice idea.
It shoul be nice to be able to limit the number of connections
asyncore can manage, to say,
limit the load of the server, or in your case tell asyncore you are
working on a poor platform :-)
Then asyncore could call a user defined function (a policy) when this
limit is reached.
This function could interact with asyncore to take an action: reject
the connection, close idle connections .....
You could try to persuade asyncore developers to include this feature.
> > You can can probably run over this limit by starting multiple of your
> > server process (not thread, process).
>
> Hope you're joking...
> Why should I have to run multiple processes / threads to avoid such a
> problem?
> And what if my system / inteprepter does not support multiple
> processes / threads?
I was just giving a possible workaround.
More information about the Python-list
mailing list