asyncore DoS vulnerability

skip at pobox.com skip at pobox.com
Fri Feb 2 11:39:57 EST 2007


    billie> asyncore aims to be a framework, right?  I think that when
    billie> select() limit is reached asyncore should just drop other
    billie> connections. That's all.

You're asking asyncore to make a policy decision on behalf the controlling
application.  It has no idea what that application wants to do when the open
file limit is reached.  Maybe it should close the oldest connection instead
of refusing all new ones.  Maybe it should adjust the rate at which it
accepts new connections.  asyncore doesn't know.

Skip



More information about the Python-list mailing list