[rabbitmq-discuss] RabbitMQ crash caused by channel leak?

[Ian Ragsdale]

On Mar 12, 2010, at 5:40 AM, Matthew Sackman wrote:

> On Fri, Mar 12, 2010 at 11:37:09AM +0000, Matthew Sackman wrote:
>>> Based on the number of channels in the logged dictionary, I'm guessing I hit a limit on the number of channels, which I'm guessing was the cause of the crash.  Does this sound like a likely cause?  I've identified and removed the code that was creating all the channels, but I'm concerned that it appears to be so easy for a single rogue client to take down the entire server.  Is there a way for me to prevent this?
>> 
>> Mmmm, that's a good point, and no, there's no such knob.
> 
> Having said all that however, be aware that you'll also crash if you run
> out of file descriptors, and you can also explode rabbit by creating
> lots of queues - there are no limits on either of these. So there are,
> sadly, several vectors for DoS attacks just at the moment.

Good to know.  We'll be controlling all the producers and consumers, so it isn't a huge worry that it would be possible to DOS, we'll just have to be a little more careful on our end.  Thanks for confirming the likely cause of the crash - I now feel comfortable that it was a self-inflicted wound and don't have to worry that we have a problem with our rabbitmq install.

- Ian