blob: 97a1f651937e706e0f9b997caee44b6118451f93 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
* async bugs
* Uncommenting the networkDelay in sendPtyOutput exposes a bug in
the Activity chain construction.
* potential DOS where developer sends Activity Entered that all
refer back to the first Activity Seen. This requires the user
side to keep a Backlog containing all later Activity Seen, so uses
up a lot of memory.
For this to work, the developer would need to include
in their Activity Entered echoData anticipating all the Activity Seen
that they have generated. This is doable; for example the developer
can send a stream of A's, and then needs to only include the right
amount in the echoData.
Should probably cap the BackLog to some maximum size to prevent
this kind of DOS. Dropping old items from the BackLog after some
amount of time would also work; after eg 10 seconds it's very
unlikely that a Activity Entered will legitimately refer to an
old backlog item.
* Encryption!
* Network!
* Server!
* gpg key downloading, web of trust checking, prompting
|