
Consider a very short term cache (5-10 min?) of 404’s for thumbnails, bearing in mind the possibility for cache pollution attacks
Open, Needs Triage, Public

Description

Followup actionable from https://wikitech.wikimedia.org/wiki/Incidents/2020-05-11_thumbor

During the incident, it became clear that if we had a very short cache (e.g. 5-10m) for 404s for thumbnails, the amount of requests that would reach the service eventually would be way less and thus would greatly mitigate the incident.

That however would open a path for cache pollution attacks. One that I can think of easily is the following:

  • Race condition, e.g. thumbnails being requested before the original has been uploaded and thus the thumbnail taking some time to generate. With request coalescing at the edge (which we currently have) and a short cache period (even 5-10m might be too much), that race condition would probably be mitigated before it became enough of a nuisance.
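
An added illustration of the trade-off described above (not part of the original task, and not Wikimedia's edge configuration): a toy edge cache with a negative TTL, showing how few requests reach the service during a flood of 404s and how long a cached 404 outlives the upload in the race described. All class names, function names and the path are constructed; requests are sequential, so request coalescing is not modelled.

```python
# Constructed simulation; Origin, EdgeCache and simulate are hypothetical names.
class Origin:
    """Stand-in for the thumbnail service: 404 until the original exists."""
    def __init__(self):
        self.originals = set()
        self.hits = 0

    def fetch(self, path):
        self.hits += 1
        return 200 if path in self.originals else 404


class EdgeCache:
    """Edge cache that keeps 404s for neg_ttl seconds (0 disables that)."""
    def __init__(self, origin, neg_ttl):
        self.origin = origin
        self.neg_ttl = neg_ttl
        self.neg = {}     # path -> time at which the cached 404 expires
        self.pos = set()  # paths with a cached 200 (never expires here)

    def get(self, path, now):
        if path in self.pos:
            return 200
        if now < self.neg.get(path, 0):
            return 404                    # answered from the negative cache
        status = self.origin.fetch(path)
        if status == 200:
            self.pos.add(path)
        elif self.neg_ttl > 0:
            self.neg[path] = now + self.neg_ttl
        return status


def simulate(neg_ttl, upload_at=None, duration=900, rps=50):
    """Request one thumbnail rps times per second for duration seconds.
    Returns (origin_hits, seconds_after_upload_still_answered_404)."""
    origin = Origin()
    edge = EdgeCache(origin, neg_ttl)
    path = "/thumb/Example.jpg/120px-Example.jpg"  # constructed path
    stale = 0
    for t in range(duration):
        if t == upload_at:
            origin.originals.add(path)
        statuses = [edge.get(path, t) for _ in range(rps)]
        if upload_at is not None and t >= upload_at and 404 in statuses:
            stale += 1
    return origin.hits, stale
```

Comparing `simulate(0)` with `simulate(300)` shows the load reduction for a thumbnail that never exists; passing `upload_at=30` shows the window during which the edge keeps answering 404 after the original has arrived.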

Event Timeline

elukey subscribed.

I removed the SRE-OnFire-Incident-Docs tag since this seems to be an action item rather than a document to review, but please re-add the tag if I am wrong.

Removing task assignee due to inactivity as this open task has been assigned for more than two years. See the email sent to the task assignee on August 22nd, 2022.
Please assign this task to yourself again if you still realistically [plan to] work on this task - it would be welcome!
If this task has been resolved in the meantime, or should not be worked on ("declined"), please update its task status via "Add Action… 🡒 Change Status".
Also see https://www.mediawiki.org/wiki/Bug_management/Assignee_cleanup for tips how to best manage your individual work in Phabricator. Thanks!