[tahoe-dev] Authority to DoS via WAPI
Brian Warner
warner at lothar.com
Mon Jan 19 15:30:10 PST 2009
>>
>>
>> 3. Maybe for the test we could use du() from fileutil (http://
>> allmydata.org/trac/tahoe/browser/src/allmydata/util/fileutil.py ,
>> also known as http://allmydata.org/trac/pyutil/browser/pyutil/pyutil/
>> fileutil.py ) to assert that the filesystem usage on the server isn't
>> greater after the client attempted to upload something.
>
> I'll look into this.
>
Alternatively, each storage server keeps track of how many share
uploads have occurred (search storage.py for 'stats' and 'allocate').
If du doesn't seem appropriate, the test code could walk the servers
and assert that the counters are unchanged.
I'm not sure what the name of the control knob should be. "allow
ambient unlinked upload"?
cheers,
-Brian
More information about the tahoe-dev
mailing list