cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "T Jake Luciani (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9402) Implement proper sandboxing for UDFs
Date Wed, 27 May 2015 22:44:18 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14561898#comment-14561898
] 

T Jake Luciani commented on CASSANDRA-9402:
-------------------------------------------

bq. Can we label UDF experimental in 2.2 and ship based on the 9404 approach and push this
to 3.0?

Yes so long as we don't remove the .yaml flag disabling the udf feature by default

> Implement proper sandboxing for UDFs
> ------------------------------------
>
>                 Key: CASSANDRA-9402
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9402
>             Project: Cassandra
>          Issue Type: Task
>            Reporter: T Jake Luciani
>            Assignee: Robert Stupp
>            Priority: Critical
>              Labels: doc-impacting, security
>             Fix For: 3.0 beta 1
>
>         Attachments: 9402-warning.txt
>
>
> We want to avoid a security exploit for our users.  We need to make sure we ship 2.2
UDFs with good defaults so someone exposing it to the internet accidentally doesn't open themselves
up to having arbitrary code run.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message