[
https://issues.apache.org/jira/browse/RIVER-362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13849908#comment-13849908
]
Peter Firmstone commented on RIVER-362:
---------------------------------------
The DOS attack can be fixed by limiting the classes permitted for
deserialization to those local classes required to authenticate the verifier
proxy.
http://www.ibm.com/developerworks/java/library/se-lookahead/index.html
The verifier proxy can be deserialized from the stream using local code, by
searching the stream for its class, then after authentication, the verifier
proxy can be used to verify the stream. During stream deserialization any
references to the verifier proxy (eg by the smart proxy) need to be updated.
> Denial of Service during unmarshalling of smart proxy's
> -------------------------------------------------------
>
> Key: RIVER-362
> URL: https://issues.apache.org/jira/browse/RIVER-362
> Project: River
> Issue Type: Bug
> Environment: Untrusted networks
> Reporter: Peter Firmstone
> Attachments: river-modules.zip
>
>
> During unmarshalling of smart proxy's there's a period before the proxy has
> been verified (authenticated) where deserialization methods are executed on
> untrusted code, the potential exists for untrusted code to perform denial of
> service.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
