Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Better hyperlinks on the security-audit warning about the server load average setting. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
e5c0543760699390bc38a471dcdfdf64 |
| User & Date: | drh 2022-02-11 15:40:48 |
Context
|
2022-02-11
| ||
| 16:00 | Improvements to the /admin_sql page. ... (check-in: 6325f81d user: drh tags: trunk) | |
| 15:40 | Better hyperlinks on the security-audit warning about the server load average setting. ... (check-in: e5c05437 user: drh tags: trunk) | |
| 15:26 | Enhance security audit to warn about giving hyperlink privilege to user nobody. ... (check-in: 5999d244 user: drh tags: trunk) | |
Changes
Changes to src/security_audit.c.
| ︙ | ︙ | |||
549 550 551 552 553 554 555 |
}else {
double r = atof(db_get("max-loadavg", 0));
if( r<=0.0 ){
@ <li><p>
@ Load average limiting is turned off. This can cause the server
@ to bog down if many requests for expensive services (such as
@ large diffs or tarballs) arrive at about the same time.
| | > | | | | 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
}else {
double r = atof(db_get("max-loadavg", 0));
if( r<=0.0 ){
@ <li><p>
@ Load average limiting is turned off. This can cause the server
@ to bog down if many requests for expensive services (such as
@ large diffs or tarballs) arrive at about the same time.
@ To fix this, set the
@ <a href='%R/setup_access#slal'>"Server Load Average Limit"</a> on the
@ <a href='%R/setup_access'>Access Control</a> page to the approximate
@ the number of available cores on your server, or maybe just a little
@ less.
}else if( r>=8.0 ){
@ <li><p>
@ The <a href='%R/setup_access#slal'>"Server Load Average Limit"</a> on
@ the <a href="setup_access">Access Control</a> page is set to %g(r),
@ which seems high. Is this server really a %d((int)r)-core machine?
}
}
#endif
if( g.zErrlog==0 || fossil_strcmp(g.zErrlog,"-")==0 ){
@ <li><p>
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
445 446 447 448 449 450 451 452 453 454 455 456 457 458 |
@ <p>Fossil tries to spend less than this many seconds gathering
@ the out-bound data of sync, clone, and pull packets.
@ If the client request takes longer, a partial reply is given similar
@ to the download packet limit. 30s is a reasonable default.
@ (Property: "max-download-time")</p>
@ <hr />
entry_attribute("Server Load Average Limit", 11, "max-loadavg", "mxldavg",
"0.0", 0);
@ <p>Some expensive operations (such as computing tarballs, zip archives,
@ or annotation/blame pages) are prohibited if the load average on the host
@ computer is too large. Set the threshold for disallowing expensive
@ computations here. Set this to 0.0 to disable the load average limit.
| > | 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 |
@ <p>Fossil tries to spend less than this many seconds gathering
@ the out-bound data of sync, clone, and pull packets.
@ If the client request takes longer, a partial reply is given similar
@ to the download packet limit. 30s is a reasonable default.
@ (Property: "max-download-time")</p>
@ <a id="slal"></a>
@ <hr />
entry_attribute("Server Load Average Limit", 11, "max-loadavg", "mxldavg",
"0.0", 0);
@ <p>Some expensive operations (such as computing tarballs, zip archives,
@ or annotation/blame pages) are prohibited if the load average on the host
@ computer is too large. Set the threshold for disallowing expensive
@ computations here. Set this to 0.0 to disable the load average limit.
|
| ︙ | ︙ |