[Zope] Urgent help needed: Zope falls over under moderate load

Toby Dickenson tdickenson@geminidataloggers.com
Wed, 21 Nov 2001 14:38:18 +0000


On Wed, 21 Nov 2001 10:31:42 -0500, Chris McDonough
<chrism@digicool.com> wrote:

>> Zope's http layer simply wasn't
>> designed with this kind of robustness in mind, and it's only a small
>> exaggeration to say that *everything* is wrong.
>
>Maybe it wasn't designed for it, but it's being used as if it was. ;-)

mmm.

I'm a bit out of touch with administrators' documentation. Does it raise
these issues?

>> Also, I'm not sure it's worth the effort. This isn't the only compelling reason
>> for using a front-end proxy. Using a proxy makes this problem a non-issue, so
>> why bother fixing it?
>
>Well, I'm not sure what "it" is, yet, so I don't have a sense of the
>cost involved.  If there is a bit of low-hanging fruit that takes away
>some of the brokenness, it'd be nice to put in.

I recall a couple of the details... It collects HTTP headers in
memory until the headers end. An attacker can consume all memory by
sending endless headers.

Additionally, it builds up the headers by appending what is read to a
string. An attacker can consume all processor time by sending headers
one byte at a time, since string appends are O(n*n).

There were some other problems too, plus, as I mentioned, a general
feeling that it wasn't designed to do this job.

>It's
>conceivable that a proxy could tickle one of these bugs just as well as
>a user, no?

I'm most familiar with squid, which goes to some lengths to eliminate
such silliness from the http conversation. Last time I looked at this, I
was satisfied that squid was good enough for me.

Of course when it comes to bugs, never say never.



Toby Dickenson
tdickenson@geminidataloggers.com
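The two defects Toby describes (headers buffered with no upper bound, and a buffer grown by repeated string concatenation) are both fixed by the same small change in a request reader, which the following added example illustrates. This is illustrative code written for this page, not Zope's http layer and not Squid's; the 8 KiB cap, the class and function names and the sample request are all assumptions chosen for the demonstration.

```python
"""Bounded HTTP header collection (illustrative example, not Zope's code).

Two mitigations for the failure modes discussed above:
  1. cap the total bytes accepted before the blank line that ends the
     header block, so an endless stream of headers is cut off early;
  2. accumulate in a bytearray (amortised O(n)) instead of repeated
     str/bytes concatenation, which is O(n^2) when data arrives one byte
     at a time.
The limit, names and sample request below are assumptions for this example.
"""

MAX_HEADER_BYTES = 8192        # assumed cap on the whole request-header block
HEADER_END = b"\r\n\r\n"       # marker that terminates the header block


class HeaderTooLarge(Exception):
    """Raised as soon as the header block exceeds MAX_HEADER_BYTES."""


class HeaderReader:
    """Accumulate request bytes until the end-of-headers marker.

    feed() returns True once the full header block is available, False if
    more data is needed, and raises HeaderTooLarge when the limit is crossed,
    whether or not a terminator has been seen yet.
    """

    def __init__(self, limit=MAX_HEADER_BYTES):
        self.limit = limit
        self.buf = bytearray()   # in-place growth, no quadratic copying
        self.body = b""          # bytes that arrived after the header block
        self.done = False

    def feed(self, chunk):
        if self.done:
            return True
        self.buf += chunk
        # The marker may straddle the previous chunk boundary, so scan from
        # just before the new bytes rather than from the start every time.
        scan_from = max(0, len(self.buf) - len(chunk) - len(HEADER_END) + 1)
        idx = self.buf.find(HEADER_END, scan_from)
        header_len = len(self.buf) if idx < 0 else idx + len(HEADER_END)
        if header_len > self.limit:
            raise HeaderTooLarge("header block exceeds %d bytes" % self.limit)
        if idx < 0:
            return False
        self.done = True
        self.body = bytes(self.buf[idx + len(HEADER_END):])
        del self.buf[idx:]        # keep only the header lines
        return True

    def headers(self):
        """Parse the completed block into (request_line, {name: value})."""
        if not self.done:
            raise ValueError("headers not complete")
        lines = bytes(self.buf).decode("latin-1").split("\r\n")
        fields = {}
        for line in lines[1:]:
            if not line:
                continue
            name, _, value = line.partition(":")
            fields[name.strip().lower()] = value.strip()
        return lines[0], fields


def read_headers(stream, chunk_size=1, limit=MAX_HEADER_BYTES):
    """Drive a HeaderReader over an in-memory byte string, chunk_size at a time.

    Stands in for a socket receive loop; returns (request_line, fields, body),
    where body is whatever arrived in the same chunk as the terminator.
    """
    reader = HeaderReader(limit)
    for i in range(0, len(stream), chunk_size):
        if reader.feed(stream[i:i + chunk_size]):
            break
    if not reader.done:
        raise ValueError("stream ended before end of headers")
    request_line, fields = reader.headers()
    return request_line, fields, reader.body


# Constructed sample request for the demonstration (not captured traffic).
SAMPLE_REQUEST = (
    b"GET /index.html HTTP/1.0\r\n"
    b"Host: example.invalid\r\n"
    b"User-Agent: demo\r\n"
    b"\r\n"
    b"leftover"
)


def rejects_flood():
    """Feed a constructed, never-terminated header stream one byte at a time.

    Returns True if the reader gives up at the cap instead of buffering it all.
    """
    flood = b"GET / HTTP/1.0\r\n" + b"X-Pad: aaaaaaaa\r\n" * 1000   # ~17 KiB
    try:
        read_headers(flood, chunk_size=1)
    except HeaderTooLarge:
        return True
    return False


if __name__ == "__main__":
    print(read_headers(SAMPLE_REQUEST, chunk_size=1))
    print("flood rejected:", rejects_flood())
```

Feeding the sample request one byte at a time exercises the worst case the message mentions; the bytearray keeps that linear, and the cap bounds memory regardless of how slowly the peer sends. A real server would apply the same idea per connection and also bound the time it waits for the terminator.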