[rabbitmq-discuss] RabbitMQ crash caused by channel leak?
ian.ragsdale at gmail.com
Mon Mar 15 19:22:32 GMT 2010
On Mar 12, 2010, at 5:40 AM, Matthew Sackman wrote:
> On Fri, Mar 12, 2010 at 11:37:09AM +0000, Matthew Sackman wrote:
>>> Based on the number of channels in the logged dictionary, I'm guessing I hit a limit on the number of channels, which I'm guessing was the cause of the crash. Does this sound like a likely cause? I've identified and removed the code that was creating all the channels, but I'm concerned that it appears to be so easy for a single rogue client to take down the entire server. Is there a way for me to prevent this?
>> Mmmm, that's a good point, and no, there's no such knob.
> Having said all that however, be aware that you'll also crash if you run
> out of file descriptors, and you can also explode rabbit by creating
> lots of queues - there are no limits on either of these. So there are,
> sadly, several vectors for DoS attacks just at the moment.
Good to know. We'll be controlling all the producers and consumers, so it isn't a huge worry that it would be possible to DOS, we'll just have to be a little more careful on our end. Thanks for confirming the likely cause of the crash - I now feel comfortable that it was a self-inflicted wound and don't have to worry that we have a problem with our rabbitmq install.
More information about the rabbitmq-discuss