Task #486 (closed)
Opened 17 years ago
Closed 16 years ago
Investigate throttling users based on connections.
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | 3.0-Beta3 |
Component: | Security | Version: | 3.0-Beta1 |
Keywords: | n.a. | Cc: | |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description
With a default postgres connection limit of about 100, it doesn't take too much (or too many threads) for a single user to DoS the server (e.g. trying to generate 100 thumbnails ASAP would do it)
During SecuritySystem.login() various checks could be performed. The question is: block or throw (and what exception)?
Change History (1)
comment:1 Changed 16 years ago by jmoore
- Milestone changed from GatherReqs to 3.0-Beta3
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.
Merged into #864