[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Server implementation
From: |
Nathaniel Smith |
Subject: |
Re: [Monotone-devel] Server implementation |
Date: |
Thu, 14 Apr 2005 22:04:45 -0700 |
User-agent: |
Mutt/1.5.8i |
On Sun, Apr 10, 2005 at 11:37:09PM +0200, Florian Weimer wrote:
> The current server implementation is not suitable for running on an
> untrusted network. I just have to run the following command:
>
> while true ; do socket example.com 5253 ; done
>
> and no one can access the server at example.com anymore.
Ah, umm, I'm not sure what "socket" does, but assuming that it just
opens a socket and listens a la netcat, then this is a bug.
I can't reproduce it, though:
# window 1:
$ while true; do netcat venge.net 5253; done
# window 2:
$ monotone sync venge.net
the sync works just fine.
> If I read the SQLite documentation correctly, concurrent database is
> not one of its strengths. Even if SQLite supported page-level
> locking, you cannot hold locks while wating for network I/O without
> introducing a denial-of-service potential.
However, I have no idea how sqlite is involved? Monotone never does
concurrent database access; the netsync server is single-threaded and
does non-blocking socket IO.
> So what to do? Would it be possible to write something which dumps
> the server->client netsync traffic to a set of files? The client
> could then fetch these files (incrementally), and feed it to something
> like "monotone read".
This is an interesting idea for use cases like "I don't have write
access to your server but want to email you my patches instead", but I
don't see very well how it is relevant here.
-- Nathaniel
--
Damn the Solar System. Bad light; planets too distant; pestered with
comets; feeble contrivance; could make a better one myself.
-- Lord Jeffrey