[Erlyaws-list] dos attacks

[<kl...@hy...>]

I've had an email discussion with Alexey Shchepin where
he is a bit displeased with how Yaws use list_to_atom
Here is the discussion:

 ------------
 >> (e.g. 3000 such requests with 500 key-value pairs is enough to
 >> make beam produce erl_crash.dump with "Slogan: no more index
 >> entries in atom_tab (max=1048576)")
 
 k> Yes I know, this has been an issue in the yaws mailing list many
 k> times. There are really no easy solutions to it.
 
 k> One (obvious solution) would be to use lists, that would make Yaws
 k> a tiny little bit slower though.
 
 k> So it's a choice beteen
 
 k> (a) abit slower, but resilient to _that_ dos attack
 k> (b) a bit faster but succeptible to _that_ dos attack (as well)
 
 k> I don't even know what I think is best, (a) or (b).
 
Personally I prefer (a), because reliability is more important, and
preformance degrade is very small (at least it seems to be small,
there are more expensive operations like socket send/receive).  BTW,
would be interesting to make benchmark for these cases and compare
results. :)
 
Also application can pass a list of acceptable keys, and parsing
function will call list_to_atom only on these keys.  This will make
parsing slightly slower, but further processing will be as in (b).
---------------




I tend to agree. If we're to have Yaws servers running at
real live sites, we can't have this.
The downside of removing list_to_atom would also be that
it's a backwards incompatible change. The output from
parse_query/1 is a list of {Key, Val} where Key is an atom.

So what do you all think, the next (1.42) release will have some
other minor incompatibilies as well, so this would be a 
good time to do this backwards incompatible change ???

Remove all the list_to_atom/1 calls or believe in a friendly 
internet ? :-)


/klacke




-- 
Claes Wikstrom                        -- Caps lock is nowhere and
http://www.hyber.org                  -- everything is under control