joto left a comment (osm2pgsql-dev/osm2pgsql#2482)
Imagico is certainly right when he says that we need to look into possible
problems with the unbound merging. I wouldn't be overly concerned, there are
other possibilities for DOS attacks in the existing rendering infrastructure,
but we should look at the details. There are possible mitigations that will
probably not affect normal use, for one thing we can make sure the merging is
bounded somewhere. We could figure out the largest number of highway ways
merged with this approach and build a limit a bit larger than this into the SQL
query. We can also limit the number of expired tiles that we allow for each
run. Or fall back to a complete re-merging of all ways planet wide (which we
know takes only 20 minutes) if the number of tiles becomes too large. And we
can certainly test this more, let it run on a test machine for a few weeks, see
if we find any problems and so on. Its probably best to test not this on OSM
Carto, but something a bit less critical.
--
Reply to this email directly or view it on GitHub:
https://github.com/osm2pgsql-dev/osm2pgsql/pull/2482#issuecomment-4782455366
You are receiving this because you are subscribed to this thread.
Message ID: <osm2pgsql-dev/osm2pgsql/pull/2482/[email protected]>
_______________________________________________
Tile-serving mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/tile-serving