Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add config.disable_sandbox option to Rails console #35723

Merged
merged 1 commit into from Mar 24, 2019

Conversation

Projects
None yet
2 participants
@sikachu
Copy link
Member

sikachu commented Mar 23, 2019

Summary

A long-running rails console --sandbox could cause a database server to become out-of-memory as it's holding on to changes that happen on the database.

Given that it's common for Ruby on Rails application with huge traffic to have separate write database and read database, we should allow the developers to disable this sandbox option to prevent someone
from accidentally causing the Denial-of-Service on their server.

Other Information

This situation is actually happened to us 馃槄. Someone opened a tmux session with rails console --sandbox and forgot about it. We tried to trace down who ran it, and kill the session to bring the service back online.

I felt like this is not a situation that only us would run into, as it could bite someone one day and took down their system, so I think having a sandbox mode as a configurable option is a good idea especially in a Rails application that already have a separate read and write database cluster.

@rails-bot rails-bot bot added docs railties labels Mar 23, 2019

@sikachu sikachu removed the docs label Mar 23, 2019

Add config.disable_sandbox option to Rails console
A long-running `rails console --sandbox` could cause a database server
to become out-of-memory as it's holding on to changes that happen on the
database.

Given that it's common for Ruby on Rails application with huge
traffic to have separate write database and read database, we should
allow the developers to disable this sandbox option to prevent someone
from accidentally causing the Denial-of-Service on their server.

@sikachu sikachu force-pushed the sikachu:disable-sandbox-flag branch from 3cd7ff9 to b271052 Mar 23, 2019

@rails-bot rails-bot bot added the docs label Mar 23, 2019

@guilleiguaran

This comment has been minimized.

Copy link
Member

guilleiguaran commented Mar 24, 2019

Someone opened a tmux session with rails console --sandbox and forgot about it

I have been that person in the past so I sympathize with the intention of this PR 馃槄

@guilleiguaran guilleiguaran merged commit b4ca05e into rails:master Mar 24, 2019

3 checks passed

buildkite/rails Build #59803 passed (17 minutes, 35 seconds)
Details
codeclimate All good!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@sikachu sikachu deleted the sikachu:disable-sandbox-flag branch Mar 25, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can鈥檛 perform that action at this time.