Use ramfs/tmpfs for /tmp/whateverable/builds #118
Labels
whateverable
Issues affecting the bot framework (and therefore all of the bots)
Comments
AlexDaniel
added
the
whateverable
AlexDaniel
added a commit
that referenced
this issue
Sep 29, 2017
This commit resolves many long-standing problems: * Issue #25 (RESTRICTED setting) is resolved. Bots are still not fully secure, but now they are more secure that they've even been given that RESTRICTED setting is entirely useless * Issue #52 (predictable filenames) is no longer blocked * Issue #55 (sandboxable) is probably no longer relevant * Issue #118 (ramfs for /tmp) now needs an update * Issue #144 (bots leaving stuff behind) is resolved because every bot has its own /tmp * Issue #183 (source ip issue) possibly has a systemd solution for it * Issue #197 is tackled a little bit also because now there's a memory limit for every bot (3G for now, we can probably make it smaller) * Issue #238 (e.g. forkbombs) is basically resolved, but needs a bit more work * Moreover, there's now a watchdog that makes sure that bots come back online if something bad happens Not that all of this wasn't possible without systemd, it's just that it is so much easier now. Feel free to hate me as much as you want.
|
I think this issue is no longer relevant. See #31 instead. Will close once confirmed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We don't spend that much time for decompression (should be about ≈0.130s). Maybe using a tmpfs will shave off a couple of milliseconds.
The text was updated successfully, but these errors were encountered: