book-exploring-async-basics icon indicating copy to clipboard operation
book-exploring-async-basics copied to clipboard

Published 20 hours ago verified publisher icon cfsamson

[Translation] 8_6_io_eventqueue.md

Open Jaxx4Fun opened this issue 5 years ago • 3 comments

One area we're taking shortcuts on all the way here is security.

It means that security is what have been ignored in the previous chapters.

There are several ways in which we could register interest in more events than occur, and thereby allocating memory that is just held in the buffers.

So if the user registers a lot of events that would not happend or take a long time to happen then a lot of allocating memory is just held by OS and could not be used by user, which may finally lead to OOM?

Jaxx4Fun avatar Jun 25 '20 11:06 Jaxx4Fun

It means that security is what have been ignored in the previous chapters

yes

So if the user registers a lot of events that would not happend or take a long time to happen then a lot of allocating memory is just held by OS and could not be used by user, which may finally lead to OOM?

Yeah, that's spot on. That's why you should limit the amount of outstanding buffers on completion based systems since someone could exploit this.

cfsamson avatar Jun 25 '20 14:06 cfsamson

If someone were to build a public facing server out of this, ...

What is this here referring to, secure or the example we are exploring?

Jaxx4Fun avatar Jul 13 '20 15:07 Jaxx4Fun

Here is a more precise sentence:

If someone were to build a public facing server based on our the code in our example...

cfsamson avatar Jul 13 '20 20:07 cfsamson