cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Stupp (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-9402) Implement proper sandboxing for UDFs
Date Fri, 24 Jul 2015 10:53:05 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-9402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Robert Stupp updated CASSANDRA-9402:
------------------------------------
    Attachment: 9402-post-disable.txt

Well, I'm pretty sure, nobody can make it 100% - there's always a way to break things. But
we can make it good enough to prevent probably 99.9% of user mistakes.

Understand your cautiousness. Enabling UDFs in 4.0 sounds like a nice plan.
Attached patch to disable UDFs by default.

> Implement proper sandboxing for UDFs
> ------------------------------------
>
>                 Key: CASSANDRA-9402
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9402
>             Project: Cassandra
>          Issue Type: Task
>            Reporter: T Jake Luciani
>            Assignee: Robert Stupp
>            Priority: Critical
>              Labels: docs-impacting, security
>             Fix For: 3.0 beta 1
>
>         Attachments: 9402-post-disable.txt, 9402-warning.txt
>
>
> We want to avoid a security exploit for our users.  We need to make sure we ship 2.2
UDFs with good defaults so someone exposing it to the internet accidentally doesn't open themselves
up to having arbitrary code run.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message