Comment 7 for bug 673366
Revision history for this message
| Michael Lustfield (michaellustfield) wrote | #7 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Brian: I added the bug watch to this bug report. Thanks for reminding me.
It will be part of 0.8.53-2.
Snover: It's really the job of the administrator to keep track of the system. Logs are a huge part of that. While we should be making sure the package defaults don't conflict with the system defaults, it is not our place to know how many connections you will be handling. If you get into that much load, you should know how to configure your system to deal with it.
The only thing I could think of would be rate limiting in the logs as well as a counter that tells you how often the last message was repeated. I don't know that this would be possible though, given how Nginx handles outputting to a log file.
Either way, this is not a security issue. The same thing could happen if (on a default install with openssh-server) some malicious user attempted to make a many ssh login attempts from distributed systems. The logs would fill up just the same. Of course we use tools such as denyhosts to deal with this. The same should be said (firewalls/rotuers) for Nginx.