[Openstack-security] [openstack/glance] SecurityImpact review request change I129edb4cf6372165ce8ba3759bb40beadba9cdda
gerrit2 at review.openstack.org
Tue Jun 16 19:28:06 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/192394
Log:
commit e147f8b5a2b6d5d4b15be3a7c70bf5b24e8d20d9
Author: Mike Fedosin <mfedosin at mirantis.com>
Date: Fri Jun 12 17:53:37 2015 +0300

Add client_socket_timeout parameter

Add a parameter to take advantage of the new(ish) eventlet
socket timeout behaviour. Allows closing idle client
connections after a period of time.

Leaving the sockets open may allow malefactors to attack the
system by creating many simultaneous connections, which leads
to significant cpu consumption by glance-api servers.

Setting 'client_socket_timeout = 0' means do not timeout.

DocImpact:
Added client_socket_timeout option (default=900).

SecurityImpact

Change-Id: I129edb4cf6372165ce8ba3759bb40beadba9cdda
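
The behaviour the commit message describes, modelled as an added example that is not part of the original message or of Glance's code: a server-side handler that drops a client which connects and then stays idle, with 0 meaning no timeout. It uses standard-library sockets instead of eventlet, and the function names (`effective_timeout`, `handle_client`, `run_idle_client`) are hypothetical.

```python
import socket
import threading
import time


def effective_timeout(client_socket_timeout):
    """0 means 'do not time out' (blocking socket); otherwise seconds."""
    return None if client_socket_timeout == 0 else float(client_socket_timeout)


def handle_client(conn, client_socket_timeout, result):
    """Wait for request bytes; drop the connection if the client stays idle."""
    conn.settimeout(effective_timeout(client_socket_timeout))
    start = time.monotonic()
    try:
        data = conn.recv(1024)
        result["outcome"] = "data" if data else "client_closed"
    except socket.timeout:
        result["outcome"] = "idle_timeout"  # server reclaims the socket
    finally:
        result["elapsed"] = time.monotonic() - start
        conn.close()


def run_idle_client(client_socket_timeout, client_holds_for):
    """Constructed scenario: a client connects, sends nothing, then leaves."""
    server_side, client_side = socket.socketpair()
    result = {}
    worker = threading.Thread(
        target=handle_client, args=(server_side, client_socket_timeout, result))
    worker.start()
    time.sleep(client_holds_for)  # idle: no request bytes are ever sent
    client_side.close()
    worker.join()
    return result


if __name__ == "__main__":
    # Short values stand in for the 900-second default so the demo is quick.
    print(run_idle_client(0.2, 1.0))  # timeout enabled
    print(run_idle_client(0, 0.3))    # 0 = never time out
```

With a timeout set, the server side gives up after the configured interval even though the client is still connected; with 0, the socket is held for as long as the client chooses to keep it open.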