Changes between Initial Version and Version 3 of Ticket #2192


Ignore:
Timestamp:
2014-03-07T12:16:51Z (11 years ago)
Author:
daira
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #2192

    • Property Keywords cloud-backend s3 xml added; cloud removed

  • Ticket #2192 – Description

    initial v3  
    1 A malicious cloud service could easily cause a DoS against the storage server using some of the attacks described in  [https://pypi.python.org/pypi/defusedxml/]. This is not a particularly serious attack as long as one storage server is associated with each cloud service and that server is running in its own virtual machine, since then the cloud service can only affect its own storage server. OTOH, switching to a library that prevents these attacks would probably be straightforward.
     1A malicious cloud service could easily cause a DoS against the storage server using some of the attacks described in  [https://pypi.python.org/pypi/defusedxml/]. This is not a particularly serious attack as long as one storage server is associated with each cloud service and that server is running in its own virtual machine, since then the cloud service can only affect its own storage server's virtual machine. OTOH, switching to a library that prevents these attacks would probably be straightforward.