qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 6/6] vnc: track & limit connections

From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH 6/6] vnc: track & limit connections
Date: Wed, 15 Oct 2014 08:51:28 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1 
On 10/15/2014 06:19 AM, Gerd Hoffmann wrote:
> Also track the number of connections in "connecting" and "shared" state
> (additionally to "exclusive" state).  Apply a configurable limit to

s/additionally to/in addition to the/

> these connections.
> 
> The logic to apply the limit to connections in "shared" state is pretty
> simple:  When the limit is reached no new connections are allowed.
> 
> The logic to apply the limit to connections in "connecting" state (this
> is the state you are in *before* successfull authentication) is

s/successfull/successful/

> slightly different:  A new connect kicks out the oldest client which is
> still in "connecting" state.  This avoids a easy DoS by unauthenticated
> users by simply opening connections until the limit is reached.
> 
> Cc: Dr. David Alan Gilbert <address@hidden>
> Signed-off-by: Gerd Hoffmann <address@hidden>
> ---
>  ui/vnc.c | 46 +++++++++++++++++++++++++++++++++++++++++++---
>  ui/vnc.h |  3 +++
>  2 files changed, 46 insertions(+), 3 deletions(-)
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]