registry team mailing list archive

Thread
Date

[Bug 673366] Re: Default worker_connections too high for default system

To: registry@xxxxxxxxxxxxxxxxxxx
From: Michael Lustfield <673366@xxxxxxxxxxxxxxxxxx>
Date: Wed, 01 Dec 2010 00:11:59 -0000
Reply-to: Bug 673366 <673366@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Brian: I added the bug watch to this bug report. Thanks for reminding
me.

It will be part of 0.8.53-2.

Snover: It's really the job of the administrator to keep track of the
system. Logs are a huge part of that. While we should be making sure the
package defaults don't conflict with the system defaults, it is not our
place to know how many connections you will be handling. If you get into
that much load, you should know how to configure your system to deal
with it.

The only thing I could think of would be rate limiting in the logs as
well as a counter that tells you how often the last message was
repeated. I don't know that this would be possible though, given how
Nginx handles outputting to a log file.

Either way, this is not a security issue. The same thing could happen if
(on a default install with openssh-server) some malicious user attempted
to make a many ssh login attempts from distributed systems. The logs
would fill up just the same. Of course we use tools such as denyhosts to
deal with this. The same should be said (firewalls/rotuers) for Nginx.

-- 
Default worker_connections too high for default system
https://bugs.launchpad.net/bugs/673366
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.