cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Ellis (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9402) Implement proper sandboxing for UDFs
Date Wed, 27 May 2015 22:19:23 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14561845#comment-14561845
] 

Jonathan Ellis commented on CASSANDRA-9402:
-------------------------------------------

I had a look at postgresql's pl/java source.  The SecurityManager is pretty simple: https://github.com/tada/pljava/blob/5489d14073f02c064583f1d4818c2bcea7fee951/pljava/src/main/java/org/postgresql/pljava/internal/Backend.java

Why can't we do something like that?

> Implement proper sandboxing for UDFs
> ------------------------------------
>
>                 Key: CASSANDRA-9402
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9402
>             Project: Cassandra
>          Issue Type: Task
>            Reporter: T Jake Luciani
>            Assignee: Robert Stupp
>            Priority: Critical
>              Labels: doc-impacting, security
>             Fix For: 3.0 beta 1
>
>         Attachments: 9402-warning.txt
>
>
> We want to avoid a security exploit for our users.  We need to make sure we ship 2.2
UDFs with good defaults so someone exposing it to the internet accidentally doesn't open themselves
up to having arbitrary code run.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message