cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9476) Less restrictive permissions for UDFs
Date Mon, 25 May 2015 22:45:17 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14558560#comment-14558560
] 

Aleksey Yeschenko commented on CASSANDRA-9476:
----------------------------------------------

If we can't safeguard them properly, I would rather leave out scripted (non-Java) UDFs out
entirely - or go full hard core and require full superuser status on their creators and executors.

Leaving that to be per-keyspace is, frankly, nothing more than pretending.

> Less restrictive permissions for UDFs
> -------------------------------------
>
>                 Key: CASSANDRA-9476
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9476
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Robert Stupp
>            Priority: Minor
>
> CASSANDRA-9402 introduces very restrictive permissions for UDFs. Being very restrictive
with arbitrary executable code is generally the way to go.
> It might be necessary in some situations to raise the permissions or extend list or accessible
classes on a per-function or global scope.
> Idea in CASSANDRA-9402 was to introduce a permission to allow functions without any restrictions
- e.g. to introduce a CREATE UNTRUSTED permission.
> But such an "access everything everywhere" permission essentially allows access to the
whole database and everything else.
> Another idea is to allow configuration of the allowed permissions and/or black/whitelisted
classes.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message