[Caml-list] How to secure an OCaml server
Date: 2004-02-28 (17:06)
From: Thomas Fischbacher <Thomas.Fischbacher@P...>
Subject: Re: [Caml-list] How to secure an OCaml server

On Sat, 28 Feb 2004, Richard Jones wrote:

> On Sun, Feb 29, 2004 at 01:44:10AM +0900, Yutaka OIWA wrote:
> > Unlike C and C++, Objective Caml has strong builtin protection for
> > array boundary overflow. You can expect that inputs which usually
> > cause arbitrary code execution (like viruses and worms) do not cause
> > such catastrophe, but only make your programs report runtime exception
> > and then halt.
>
> Remember the corollary of having safe arrays is that people can DoS
> your server by opening a socket and writing .. and writing .. and
> writing. It's always a good idea to either implement your own
> sensible maximums on the length of strings / arrays, or at least run
> your module with a BSD resource-style limit (setrlimit(2)).

Yes. Another interesting issue that frequently comes up in such
situations is provoking hash collisions.

-- 
regards,               tf@cip.physik.uni-muenchen.de              (o_
 Thomas Fischbacher -  http://www.cip.physik.uni-muenchen.de/~tf  //\
(lambda (n) ((lambda (p q r) (p p q r)) (lambda (g x y)           V_/_
(if (= x 0) y (g g (- x 1) (* x y)))) n 1))                  (Debian GNU)
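
The two mitigations raised in this message, as an added example that is not part of the original thread: a line reader that refuses to buffer more than a fixed number of bytes, and a hash table created with randomized hashing so that keys chosen by a client cannot be precomputed to collide. The names `input_line_bounded` and `max_request_len`, the limit values and the sample input are assumptions; `Hashtbl.create ~random:true` needs OCaml 4.00 or later, and `match ... with exception` needs 4.02 or later.

```ocaml
(* Added example: bounded input plus collision-resistant hashing. *)
exception Line_too_long

let max_request_len = 8192 (* assumed default; pick per protocol *)

(* Read up to the next '\n', but never hold more than [max_len] bytes.
   Stdlib.input_line has no such bound and grows until memory runs out. *)
let input_line_bounded ?(max_len = max_request_len) ic =
  let buf = Buffer.create 256 in
  let rec loop () =
    match input_char ic with
    | '\n' -> Buffer.contents buf
    | c ->
      if Buffer.length buf >= max_len then raise Line_too_long;
      Buffer.add_char buf c;
      loop ()
    | exception End_of_file ->
      (* Return a final unterminated line; signal EOF only when empty. *)
      if Buffer.length buf = 0 then raise End_of_file
      else Buffer.contents buf
  in
  loop ()

let () =
  (* Constructed input: one normal request line, then an endless-looking one. *)
  let path = Filename.temp_file "bounded" ".txt" in
  let oc = open_out_bin path in
  output_string oc "GET /index\n";
  output_string oc (String.make 100_000 'A');
  close_out oc;
  let ic = open_in_bin path in
  (* ~random:true seeds the hash per table, so bucket placement of
     client-supplied keys differs from run to run. *)
  let seen = Hashtbl.create ~random:true 16 in
  (try
     while true do
       let line = input_line_bounded ~max_len:1024 ic in
       Hashtbl.replace seen line ();
       Printf.printf "accepted %d bytes\n" (String.length line)
     done
   with
   | Line_too_long -> print_endline "rejected: line over limit, drop the client"
   | End_of_file -> ());
  close_in ic;
  Sys.remove path
```

On a real socket the same reader works on the channel returned by `Unix.in_channel_of_descr`; a read timeout is still needed for clients that send slowly rather than send too much.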