[Development] Proposed API addition to QTcpServer
Thiago Macieira
thiago.macieira at intel.com
Wed Jun 13 20:13:23 CEST 2012
On quarta-feira, 13 de junho de 2012 14.06.49, lars.knoll at nokia.com wrote:
> >5.0 vs 5.1:
> >The issue seems like it should be rare under normal circumstances.
> >(Qt is not a toolkit for high load servers, and the default quota is ~1k
> >file descriptors)
> >However the consequences are severe.
> >It's also a "denial of service" vulnerability, mitigated by the fact that
> >QTcpServer only accepts 30 connections without application interaction
> >(by default)
>
> I'd say let's add it for 5.0. It's a small addition and solves a potential
> security problem.
I agree. There's no source incompatibility with 4.8, it's just a new signal
and plus some code handling error conditions.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
Intel Sweden AB - Registration Number: 556189-6027
Knarrarnäsgatan 15, 164 40 Kista, Stockholm, Sweden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/development/attachments/20120613/d7ce4901/attachment.sig>
More information about the Development
mailing list