MSC3713: Alleviating ACL exhaustion with ACL Slots #3713
Conversation
…lleviating-acl-exhaustion-with-acl-slots.md
FSG-Cat
changed the title
turt2live
added
kind:maintenance
This should be the final major revision for a while to this and well Thanks to Nico for convincing Cat to fix this stuff. Ye it could have used a review before it was published to avoid this.
|
|
||
| ## Security considerations | ||
|
|
||
| By limiting the slot count the attack of just consuming a completely obscene amount of ram is somewhat |
There was a problem hiding this comment.
There was a problem hiding this comment.
Yes a lower limit might be considered as a means of mittigating the abuse potential. Tho if i might add. Its already possible to use ACL to create server load but yes i do agree this MSC makes it ludicrously easier to do since it will expand the amount of server load a single room can create by a factor of atleast 512 if we choose to make 512 slots the standard.
I am completetely open to defining the v1-9 max at a lower number in the 32-128 range to limit the abuse potential and still keep the benefits of this MSC. The max is tied to room versions after all so we can change it in the future.
There was a problem hiding this comment.
This concern should be alleviated since the slot count is now at a max of 32. It can be made even lower if we think that is desired since a slot count as low as 4-8 still has a massive impact on how much ACL capacity we have.
|
Going to change the MSC from a draft to a proper PR since i think this MSC is now ready for more serious review with all the worst offenders out of the way. |
A simple MSC that aims to alleviate the potential problem of exhausting the ACL capacity of a given room.
Rendered
Room for discussion of the proposal. #FSG-Cat-MSC3713:feline.support
Signed-off-by: Catalan Lover catalanlover@protonmail.com