From: CGS <cgs...@gm...> - 2012-03-15 15:25:25
|
I wouldn't worry about such an attack because it needs posting a lot of data for your system to run out of the memory. Nevertheless, if you feel safer, you can filter out the POST methods with too high memory consumption (after all, it's Erlang there). CGS On Thu, Mar 15, 2012 at 5:05 PM, xxx xxx <now...@li...> wrote: > Hi, I'm new to yaws (not the disease, the web server, heh). > > Anyway, I've been recently building a website, and I noticed that in some > cases - for instance in processing post requests - yaws appears to > represent the names of the form fields as atoms. If so, I presume it must > make new atoms if there aren't pre-existing atoms with the appropriate > names. > > Question: Does this represent some kind of danger to crashing the server > due to running out of memory, possibly because of a deliberate attack? > Forgive me if I seem paranoid, but for my particular use cases users WILL > absolutely try to hack into my systems and bring them down or compromise > them in any way possible - it is a guarantee. > > Thanks. > > > ------------------------------------------------------------------------------ > This SF email is sponsosred by: > Try Windows Azure free for 90 days Click Here > http://p.sf.net/sfu/sfd2d-msazure > _______________________________________________ > Erlyaws-list mailing list > Erl...@li... > https://lists.sourceforge.net/lists/listinfo/erlyaws-list > > |