[pmwiki-users] PmWiki work directory, re-revisited
Patrick R. Michaud
pmichaud at pobox.com
Sat Feb 3 14:13:57 CST 2007
On Sat, Feb 03, 2007 at 06:55:33PM +0100, christian.ridderstrom at gmail.com wrote:
> On Sat, 3 Feb 2007, Patrick R. Michaud wrote:
>
> >Lots of (most?) PmWiki administrators aren't familiar with Unix
> >conventions, such as var/ .
>
> Figures. I still think it'd be good to emphasize that this particular
> directory might be better of in a separate partition, or in a directory
> with a quota.
>
> >>Btw, wouldn't it be possible that a PmWiki creates some many, and big,
> >>pages that the partition gets full?
> ..
> >The operating system is often less graceful about things when a
> >partition gets full.
>
> It's the OS I'm worried about... Doesn't this basically mean that a lot
> of hosts with PmWiki can be brought down quite easily?
I don't know about "a lot".
Sites that are running in typical shared web-hosting environments
will already be installed in a user's home directory (i.e., separate
from the partitions the OS needs), and with some sort of quota
mechanism in place, so those aren't really at risk. And in a
shared environment a disk-full on the users' partition wouldn't
go unnoticed for long, or be difficult to track down.
Someone who installs PmWiki into a webserver root (e.g., /var/www)
is often already putting things on the /var partition.
And there are practical bandwidth limitations involved here.
For example, if I want to try to use PmWiki to fill a 10GB
partition, I'm going to have to send approximately 10GB of data
across the net. And I can't do it all at once -- PHP memory
and timeout limits will generally mean that the filling has to
be done as a long sequence of smaller requests. To fill 10GB
of data with 1MB pages would require on the order of 10,000 posts.
Yes, it'd be theoretically possible to make 10,000 1MB posts; but
it can't happen quickly, if only because PmWiki locks edit
transactions such that only one post can happen at a time, and
posting such large pages will take some time for PmWiki to process.
So, OS failure is really a risk only on sites where all of the
following apply:
- PmWiki is installed on a partition that is vital to the OS
- the partition has a relatively small amount of disk space
- there aren't any quotas in place on the partition
- attackers have sufficient permission to create new pages/files
- the attack can be performed as a long sequence of requests
over a substantial period of time (at least several hours)
without being noticed
I don't know that there are a lot of hosts running PmWiki
that have all of the characteristics listed above.
Pm
More information about the pmwiki-users
mailing list