On 08.11.2011 14:57, Bostjan Skufca wrote:
> Sorry I did not provide all the details earlier, answers inline.
>
>
> On 8 November 2011 14:04, Fuhrmann Stefan (ETAS/ESA1)
> <Stefan.Fuhrmann_at_etas.com> wrote:
>>
>> Bostjan Skufca wrote:
>>
>>> One of our developers accidentally stumbled upon an effective way to DoS
>>> the whole server by unknowingly trying to access parts of the SVN repo he was
>>> not authorized for. The svnserve daemon spawned a child which replied with
>>> "authorization error", but the developer's client (TortoiseSVN) just created a new
>>> connection and tried again, in a loop. For an unknown reason, it also did not close
>>> the previous connection and this resulted in the creation of several thousand svnserve
>>> processes and a server crash due to exhausted RAM.
>>
>> Does that happen with ordinary operations like showing the log
>> and checking out or is this caused by the repository browser?
>> The latter will e.g. try to read the content of all immediate sub-folders.
>
> It was a repository browser. There are only 5 immediate sub-folders on
> the server, or are you talking about client-side?
>
>
>
>> Can you reproduce the problem with the command line client?
>
> Nope, just tried with 1.7.1 client. Result:
> svn: E170001: Authorization failed

Ok, but does that leave an svnserve process running on the server as well?

Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
Received on 2011-11-08 18:37:29 CET