First page Back Continue Last page Overview Image

8.5 Resource Limits

[143] interp limit

Stop/Limit damage by DoS attacks against scripts exposed to the net. Using a safe interp was no protection.

Profiling via sampling (stop every x, record stack)

Simulation:

proc x s {eval $s; eval $s; eval $s; eval $s}

x {x {x {x {x {x {x {x {x {x {x {x {x {x {sleep 1}}}}}}}}}}}}}}

Takes >3 days.

Features:

Limit number of commands allowed to run
Absolute time limits (down to millisecond granularity)