On Tue, Dec 23, 2008 at 10:36:29AM -0500, Michael Casadevall wrote:
> This command is to tell the remote server to receive a file. The
> client must send a signed changes file as the first file uploaded. As
> a security precaution, no file greater then 16 kilobytes shall be
> accepted until a signed changes is received and its signature has been
> verified to prevent a denial of service attack. Should a larger file
> be sent, an automatic REJECT shall be sent, and the server shall
> immediately close the connection.
Changes files themselves could be greater than 16k. C.f. [0],
and that's just the morgue.
Kind regards,
Philipp Kern
[0] find /org/ftp.debian.org/morgue -iname "*changes" | \
xargs stat -c "%s" | \
sort -nr | \
head -n 5
199473
180242
172278
167914
167811
--
.''`. Philipp Kern Debian Developer
: :' : http://philkern.de Release Assistant
`. `' xmpp:phil@0x539.de Stable Release Manager
`- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature