On Tuesday 17 June 2003 09:01, Oliver Bleutgen wrote:

> I don't quite understand the nature of this DOS attack after the patch.
> You do requests with REQUEST['Zope-Versiom'] == <big string>.
> If I understand your code correctly (it was bash and perl afterall ;))
> you create version i with a version name str(i)*500000.
> It seems (to me) that the sole cause for this DOS is that zope stores
> the version names in memory, that means you get a memory consumption for
> all version name strings of 10*500000 + 90*500000*2 which is 95.000.000
> bytes, which is roughly the 90M you reported.

The connection cache will also store a cached connection for each version. The 
connection is opened to *read* from the storage; no writes are needed.

A more 'efficient' attack would be to use a tiny (but unique) Zope-Version 
string to request a page that loads alot of zodb objects into the connection 
cache, for example as a seach page.

Toby Dickenson

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to