Hi,
you are right that default configurations should be sane.
I totally like your report on the potential DOS, by keeping a connection open
and so stalling the restart forever.
So I don't just want you or me to close it.
But then the GracefulShutdownTimeout being zero is the apache default - not one
set by Ubuntu.
I see two issues in "just" changing that:
- while discussion worthy, some other users might expect it to behave as it did
up to now
- Upstream must have a reason to keep the default at zero (I hope)
I'd suggest to bring the matter to discussion upstream with Apache.
There the experts can much better quantify the reality of an attack due to this
or any other implications.
E.g. the answer to why exactly the connections remain open and what
could/should be done.
Once there is agreement and a patch that changes the upstream default
new versions will pick it up and it could be back-ported to old versions
as needed.
** Changed in: apache2 (Ubuntu)
Status: New => Triaged
** Changed in: apache2 (Ubuntu)
Importance: Undecided => Low
** Changed in: apache2 (Ubuntu)
Importance: Low => Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1463635
Title:
Apache2 waits indefinetely when reloading
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1463635/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
