Luca Versari
Luca Versari
Well, the server side often can know that something is *not* an image/avif (i.e. something produced by a dynamic server that declares application/json) and then doesn't need to sniff. But...
My concern is mostly with people that host their websites on shared hosting providers etc. It's clear that companies and people that have their own web servers wouldn't have big...
Another question to consider: do we need to support decoding to an arbitrary ICC? I'd argue it is not fundamental for our API to allow it. On Thu, 2 Jun...
There is no default CMS implementation in some cases and I am very much against introduction behaviour that works in some cases but not others :) On Mon, 17 Oct...
Another solution could be to set RLIMIT_NOFILE to an appropriate value (5, letting contestants open two files beside standard input/output/error) and RLIMIT_FSIZE to the same value as RLIMIT_AS.
Here http://pastebin.com/7kTW9bs4 is a patch that implements the fix suggested in the last comment.
True, that would be a problem...
I made some experiments with the quota option, and the result is that it seems to work - you have to enable quota in the kernel, enable options usrquota,grpquota for...
Well, that's a problem as far as I know: if for whatever reason a sandbox does not get deleted (for example, the worker crashes/raises an exception) it could fill up...
http://pastebin.com/jui88R3r This patch "upgrades" the previous fix, setting RLIMIT_FSIZE to the memory limit and allowing TaskTypes to specify a whitelist of files that are allowed to be written to.