Comment 17 for bug 1098307
Revision history for this message
| Adam Young (ayoung) wrote Re: unauthenticated POST to /tokens can fill up disk/logs | #17 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
My immediate concern on reviewing the patches is that they are neither necessary nor sufficient to address the issue: Instead of looking at the token size, we should look at the overall request size, as you can stuff any cookie to blow out the memory. The Token should not be getting logged anywhere, so it should not be an issue in filling up logs.