cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-9476) Less restrictive permissions for UDFs
Date Mon, 25 May 2015 22:45:17 GMT


Aleksey Yeschenko commented on CASSANDRA-9476:

If we can't safeguard them properly, I would rather leave out scripted (non-Java) UDFs out
entirely - or go full hard core and require full superuser status on their creators and executors.

Leaving that to be per-keyspace is, frankly, nothing more than pretending.

> Less restrictive permissions for UDFs
> -------------------------------------
>                 Key: CASSANDRA-9476
>                 URL:
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Robert Stupp
>            Priority: Minor
> CASSANDRA-9402 introduces very restrictive permissions for UDFs. Being very restrictive
with arbitrary executable code is generally the way to go.
> It might be necessary in some situations to raise the permissions or extend list or accessible
classes on a per-function or global scope.
> Idea in CASSANDRA-9402 was to introduce a permission to allow functions without any restrictions
- e.g. to introduce a CREATE UNTRUSTED permission.
> But such an "access everything everywhere" permission essentially allows access to the
whole database and everything else.
> Another idea is to allow configuration of the allowed permissions and/or black/whitelisted

This message was sent by Atlassian JIRA

View raw message