March 17, 2005
11:29 p.m.
On Thu, Mar 17, 2005 at 11:35:39AM -0800, Lenny G Arbage wrote:
* btw, isn't this a security hole for any webserver running off of twisted-web.resource.Resource -based websites -- if a client does a post with multipart/form-data and then just streams data endlessly, the server process mushrooms to fill all available memory and swap?
I hope there is a limit to it. OTOH this is a memleak only, nevow carryover has memleak possibilities too. So while in the long run it would need to be fixed (as well as nevow carryover, with a simple timestamp to collect the obsolete entries), this would be a minor security issue after all.