brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From neykov <...@git.apache.org>
Subject [GitHub] brooklyn-server pull request: Add support for JSR-223 scripting of...
Date Wed, 25 May 2016 05:51:45 GMT
Github user neykov commented on the pull request:

    https://github.com/apache/brooklyn-server/pull/153#issuecomment-221479610
  
    +1 for the idea - very useful in yaml context. I've been wanting to see this for a while.
    What I think needs discussion is the security implications this brings. Currently as long
as you can add (Java) catalog items you can gain full access to the Brooklyn instance so only
privileged users should be allowed to do it. For application deployments "regular" users can
only use existing catalog items which won't let them tinker with Brooklyn internals. Having
this in the stock distribution will change that.
    Take for example the Cloud Foundry Service Bridge. Any CF user is able to spin up an application
in Brooklyn.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message