Attack prevention necessary?

[curious-broccoli]

Hi again,
can you recommend any defenses against DOS (denial of service) attacks involving submissions? Do you think nothing is necessary to protect from e.g. zip bombs, fork bombs, etc. as long as the compute worker is on a separate machine than the rest of the platform? Or should some restrictions be placed on the compute worker container, like limiting maximum memory, maximum processes, ...

Does the default queue of codabench.org use any protection?

[Didayolo]

Hi @curious-broccoli,

That is a good question. I don't know if the compute worker would crash on a fork bomb, but probably.

The main server, being separated from the workers, should be fine.

@ObadaS Any input on that?