explicit run time limits for the datalog engine #53

Geal · 2020-12-14T12:53:01Z

right now, we put some hardcoded limits on the number of iterations in a "world run", but it should be better to leave that decision to the user. We can get a token with some degenerate cases that would produce a lot of facts or apply on a large number of iterations, so there should be a hard limit there.

A few options:

limit on the number of facts produced
limit on the execution time
if we want a safer way, optionally forbid facts and rules in blocks other than authority (so those blocks would only contain caveats)

Geal · 2020-12-21T11:53:15Z

implemented in the Rust version: biscuit-auth/biscuit-rust@afa0042
@daeMOn63 @titanous do you have such options for the Go version?

Geal · 2020-12-21T15:56:58Z

Java version: CleverCloud/biscuit-java@ff9c2f6

daeMOn63 · 2021-01-12T10:16:50Z

Implemented in Go version: biscuit-auth/biscuit-go@1f63389

Geal mentioned this issue Dec 18, 2020

1.0 release #57

Closed

17 tasks

Geal mentioned this issue Dec 21, 2020

Run time limits biscuit-auth/biscuit-go#42

Closed

Geal closed this as completed Apr 16, 2021

dmunch mentioned this issue Mar 17, 2023

Support explicit run time limits for the Datalog engine dmunch/biscuit-net#1

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

explicit run time limits for the datalog engine #53

explicit run time limits for the datalog engine #53

Geal commented Dec 14, 2020

Geal commented Dec 21, 2020

Geal commented Dec 21, 2020

daeMOn63 commented Jan 12, 2021 •

edited

Loading

explicit run time limits for the datalog engine #53

explicit run time limits for the datalog engine #53

Comments

Geal commented Dec 14, 2020

Geal commented Dec 21, 2020

Geal commented Dec 21, 2020

daeMOn63 commented Jan 12, 2021 • edited Loading

daeMOn63 commented Jan 12, 2021 •

edited

Loading