[Caml-list] How to secure an OCaml server
Date: -- (:)
From: Thomas Fischbacher <Thomas.Fischbacher@P...>
Subject: Re: [Caml-list] How to secure an OCaml server

On Sat, 28 Feb 2004, Richard Jones wrote:

> On Sun, Feb 29, 2004 at 01:44:10AM +0900, Yutaka OIWA wrote:
> > Unlike C and C++, Objective Caml has strong builtin protection for
> > array boundary overflow.  You can expect that inputs which usually
> > cause arbitrary code execution (like viruses and worms) do not cause
> > such catastrophe, but only make your programs report a runtime exception
> > and then halt.
> 
> Remember the corollary of having safe arrays is that people can DoS
> your server by opening a socket and writing .. and writing .. and
> writing.  It's always a good idea to either implement your own
> sensible maximums on the length of strings / arrays, or at least run
> your module with a BSD resource-style limit (setrlimit(2)).

Yes. Another interesting issue that frequently comes up in such situations 
is provoking hash collisions.


-- 
regards,               tf@cip.physik.uni-muenchen.de              (o_
 Thomas Fischbacher -  http://www.cip.physik.uni-muenchen.de/~tf  //\
(lambda (n) ((lambda (p q r) (p p q r)) (lambda (g x y)           V_/_
(if (= x 0) y (g g (- x 1) (* x y)))) n 1))                  (Debian GNU)

-------------------
To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr
Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/
Beginner's list: http://groups.yahoo.com/group/ocaml_beginners
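
The "sensible maximums on the length of strings" advice quoted in the message above can be enforced at the point where the server reads from the socket. The following is an added example, not code from the thread or from any poster: `read_line_bounded`, `Line_too_long` and the 8192-byte `max_line_len` are hypothetical names and values, the input is constructed, and it assumes OCaml 4.02 or later for `match ... with exception`.

```ocaml
(* Added example, not from the thread. All names and limits are assumptions. *)
exception Line_too_long of int

let max_line_len = 8192  (* assumed bound; choose one that fits the protocol *)

(* Read one '\n'-terminated line from [ic], refusing to buffer more than
   [limit] bytes. Unlike [input_line], memory use stays bounded by [limit]
   no matter how much the peer keeps writing. *)
let read_line_bounded ?(limit = max_line_len) ic =
  let buf = Buffer.create 128 in
  let rec loop () =
    match input_char ic with
    | '\n' -> Buffer.contents buf
    | c ->
      if Buffer.length buf >= limit then raise (Line_too_long limit);
      Buffer.add_char buf c;
      loop ()
    | exception End_of_file ->
      (* A final line without a newline is returned; empty input is EOF. *)
      if Buffer.length buf = 0 then raise End_of_file
      else Buffer.contents buf
  in
  loop ()

let () =
  (* Constructed input: one normal line, then 1 MiB with no newline,
     standing in for a peer that writes without ever ending the line. *)
  let path = Filename.temp_file "bounded" ".txt" in
  let oc = open_out_bin path in
  output_string oc "HELO example\n";
  output_string oc (String.make (1024 * 1024) 'A');
  close_out oc;
  let ic = open_in_bin path in
  Printf.printf "first: %S\n" (read_line_bounded ic);
  (match read_line_bounded ic with
   | line -> Printf.printf "unexpected: %d bytes\n" (String.length line)
   | exception Line_too_long n ->
     Printf.printf "rejected: line exceeds %d bytes\n" n);
  close_in ic;
  Sys.remove path
```

On `Line_too_long` a server would normally close the connection rather than keep reading, since the rest of the oversized line is still pending on the channel.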