[Bug 1463635] Re: Apache2 waits indefinetely when reloading

ChristianEhrhardt 1463635 at bugs.launchpad.net
Thu Mar 31 12:01:50 UTC 2016


Hi,
you are right that default configurations should be sane.
I totally like your report on the potential DOS, by keeping a connection open and so stalling the restart forever.
So I don't just want you or me to close it.
But then the GracefulShutdownTimeout being zero is the apache default - not one set by Ubuntu.

I see two issues in "just" changing that:
- while discussion worthy, some other users might expect it to behave as it did up to now
- Upstream must have a reason to keep the default at zero (I hope)

I'd suggest to bring the matter to discussion upstream with Apache.
There the experts can much better quantify the reality of an attack due to this or any other implications.
E.g. the answer to why exactly the connections remain open and what could/should be done.

Once there is agreement and a patch that changes the upstream default
new versions will pick it up and it could be back-ported to old versions
as needed.

** Changed in: apache2 (Ubuntu)
       Status: New => Triaged

** Changed in: apache2 (Ubuntu)
   Importance: Undecided => Low

** Changed in: apache2 (Ubuntu)
   Importance: Low => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1463635

Title:
  Apache2 waits indefinetely when reloading

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1463635/+subscriptions



More information about the Ubuntu-server-bugs mailing list