MSC3713: Alleviating ACL exhaustion with ACL Slots #3713

Open
wants to merge 9 commits into
base: main

@FSG-Cat FSG-Cat (Contributor) commented Feb 6, 2022

A simple MSC that aims to alleviate the potential problem of exhausting the ACL capacity of a given room.

Rendered

Room for discussion of the proposal. #FSG-Cat-MSC3713:feline.support

Signed-off-by: Catalan Lover catalanlover@protonmail.com

@FSG-Cat FSG-Cat changed the title MSC0000: Alleviating ACL exhaustion with ACL Slots MSC3713: Alleviating ACL exhaustion with ACL Slots Feb 6, 2022
@turt2live turt2live added the labels kind:maintenance (MSC which clarifies/updates existing spec), needs-implementation (This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP.), proposal (A matrix spec change proposal) and s2s (Server-to-Server API (federation)) Feb 6, 2022
This should be the final major revision for a while to this and well Thanks to Nico for convincing Cat to fix this stuff. Ye it could have used a review before it was published to avoid this.

## Security considerations

By limiting the slot count the attack of just consuming a completely obscene amount of ram is somewhat

@Gnuxie Gnuxie (Contributor) Feb 6, 2022

Not just considerable amounts of RAM. There may be a cost in some implementations to compile each regex (Caches up to 512) and there will be a cost to run 512x500~ regexes against federating servers. So someone could probably put considerable load on the server just by abusing this.

Contributor Author

Yes, a lower limit might be considered as a means of mitigating the abuse potential. Tho if I might add, it's already possible to use ACL to create server load, but yes, I do agree this MSC makes it ludicrously easier to do since it will expand the amount of server load a single room can create by a factor of at least 512 if we choose to make 512 slots the standard.

I am completely open to defining the v1-9 max at a lower number in the 32-128 range to limit the abuse potential and still keep the benefits of this MSC. The max is tied to room versions after all so we can change it in the future.

Contributor Author

This concern should be alleviated since the slot count is now at a max of 32. It can be made even lower if we think that is desired since a slot count as low as 4-8 still has a massive impact on how much ACL capacity we have.
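
Added example (not part of the thread or the MSC): a Python cost model of the load concern raised in this review thread, counting pattern evaluations and regex compiles per origin check as the slot count grows past what a 512-entry compile cache can hold. The slot layout, deny-only matching, hostnames and LRU cache policy are assumptions; only the 512 and ~500 figures come from the comments above.

```python
import re
from functools import lru_cache

ENTRIES_PER_SLOT = 500  # "~500" entries per ACL, from the comment above
CACHE_SIZE = 512        # "Caches up to 512", from the comment above


def glob_to_regex(glob):
    """Translate a server-name glob ('*' and '?' wildcards) into a regex."""
    return "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                   for c in glob)


def build_slots(slot_count, entries=ENTRIES_PER_SLOT):
    """Constructed data: each slot holds `entries` unique deny globs."""
    return [[f"*.bad{s}-{e}.example" for e in range(entries)]
            for s in range(slot_count)]


def check_origin(server, slots, compile_fn):
    """Return (denied, patterns_evaluated) for one origin server name."""
    evaluated = 0
    for deny_list in slots:
        for glob in deny_list:
            evaluated += 1
            if compile_fn(glob).fullmatch(server):
                return True, evaluated
    return False, evaluated


def measure(slot_count, checks=2):
    """Check a non-matching origin `checks` times against every slot."""
    # Assumption: compiled patterns live in a bounded LRU cache.
    cached = lru_cache(maxsize=CACHE_SIZE)(
        lambda glob: re.compile(glob_to_regex(glob), re.IGNORECASE))
    slots = build_slots(slot_count)
    evaluated = sum(check_origin("matrix.good.example", slots, cached)[1]
                    for _ in range(checks))
    info = cached.cache_info()
    return {"evaluated": evaluated, "compiles": info.misses, "hits": info.hits}


if __name__ == "__main__":
    for n in (1, 32):
        print(n, "slot(s):", measure(n))
```

With one slot the second check is served entirely from the cache; with 32 slots every evaluation recompiles, because a sequential pass over 16,000 patterns evicts each entry before it is reused.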

@FSG-Cat FSG-Cat (Contributor Author) commented Feb 6, 2022

Going to change the MSC from a draft to a proper PR since I think this MSC is now ready for more serious review with all the worst offenders out of the way.

@FSG-Cat FSG-Cat marked this pull request as ready for review February 6, 2022 18:46