Comment 21 for bug 1196932
Revision history for this message
| Peter Portante (peter-a-portante) wrote Re: Possibly DoS attack using object tombstones | #21 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Patch commit message:
Fix handling of DELETE obj reqs with old timestamp
The DELETE object REST API was creating tombstone files with old
timestamps, potentially filling up the disk, as well as sending
container updates.
Here we now make DELETEs with a request timestamp return a 409 (HTTP
Conflict) if a data file exists with a newer timestamp, only creating
tombstones if they have a newer timestamp.
The key fix is to actually read the timestamp metadata from an
existing tombstone file (thanks to Pete Zaitcev for catching this),
and then only create tombstone files with newer timestamps.
We also prevent PUT and POST operations using old timestamps as well.