[Catalog-sig] PyPI reverse download

"Martin v. Löwis" martin at v.loewis.de
Tue Jul 27 22:52:25 CEST 2010


>> Any objections?
> 
> Seems like this is rife for abuse -- it's essentially an open relay
> for POST requests, so I could use it to amplify a DDOS attack. So
> probably sounds like there needs to be some sort of security, or
> whitelist of allowed URLs (or prefixes?), or somesuch.

I guess I restrict it to posting to *.python.org, then.

Thanks,
Martin
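
An added example, not part of the original message or of PyPI's code: one way to enforce the "*.python.org" restriction on the target of a relayed POST. The function name, the http/https scheme limit and the sample URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

ALLOWED_SUFFIX = ".python.org"        # the restriction named in the message
ALLOWED_SCHEMES = {"http", "https"}   # assumption: only web schemes are relayed
# One DNS label: letters, digits, inner hyphens, at most 63 characters.
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def is_allowed_target(url):
    """Return True only when url points at a host strictly below python.org."""
    try:
        parts = urlsplit(url)
        host = parts.hostname   # lowercased, with userinfo and port removed
        parts.port              # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme not in ALLOWED_SCHEMES or not host:
        return False
    # Accept plain DNS names only. This rejects backslashes, empty labels,
    # trailing dots and IPv6 literals, which HTTP clients may interpret
    # differently from the parser used for the check.
    if not all(_LABEL.fullmatch(label) for label in host.split(".")):
        return False
    # Match on a label boundary: the leading dot in the suffix keeps
    # "evilpython.org" and the bare "python.org" out of the wildcard.
    return host.endswith(ALLOWED_SUFFIX)


# Constructed sample targets and the decision expected for each.
SAMPLES = [
    ("https://pypi.python.org:443/pypi", True),
    ("HTTP://WWW.PYTHON.ORG/upload", True),
    ("http://evilpython.org/", False),                # no label boundary
    ("http://python.org.example.com/", False),        # suffix is not last
    ("http://www.python.org@example.com/", False),    # userinfo, real host differs
    ("http://example.com\\.python.org/", False),      # backslash in host
    ("ftp://www.python.org/", False),                 # scheme not relayed
    ("http://www.python.org:notaport/", False),       # malformed port
]

if __name__ == "__main__":
    for url, expected in SAMPLES:
        print(f"{is_allowed_target(url)!s:5}  {url}")
```

The check covers only the URL as submitted; a relay that follows HTTP redirects has to apply the same check to every redirect target.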

