MSMQ Connection Cache Security Vulnerability?

Question

MSMQ Connection Cache Security Vulnerability?

When working with MSMQ, the connection cache is disabled by default. Enabling the MSMQ connection cache greatly increases the throughput of the queue (~ 10x).

When viewing the code, there is a link to a security vulnerability, as shown below.

// Whidbey Beta 2 SECREVIEW (Dec 2004 [....]):
// Connection Cache can be a security vulnerability (see bug 422227)
// Therefore, disable it by default
private static bool enableConnectionCache = false;

What is the potential security vulnerability (cannot find the error link)?

+4

c # msmq

Chris baxter Dec 30 '15 at 17:00

source share

1 answer

John breakwell · Answer 1 · 2016-01-14T11:28:49+0000

One explanation may be that there is a potential cache leak because Dispose () does not close the queue descriptor. See Section 18.9 MSMQ Frequently Asked Questions .

MSMQ Connection Cache Security Vulnerability?

More articles: