cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Tunnicliffe (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-9892) Add support for unsandboxed UDF
Date Mon, 03 Aug 2015 10:29:05 GMT


Sam Tunnicliffe commented on CASSANDRA-9892:

Ok, so those are 3 options/suggestions for the same thing (the syntax to enable a role to
create untrusted functions)? I would still say that the last one reads as something related
to changing the status of an existing function because it doesn't refer to creation. Of the
first 2 suggestions, I'd choose the more explicit {{GRANT CREATE TRUSTED FUNCTION TO ...}},
the earlier comment about the Permission name itself (aside from the CQL syntax) still stands
though - {{TRUSTED}} is incongruous with the existing permissions. 

> Add support for unsandboxed UDF
> -------------------------------
>                 Key: CASSANDRA-9892
>                 URL:
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jonathan Ellis
>            Assignee: Robert Stupp
>            Priority: Minor
> From discussion on CASSANDRA-9402,
> The approach postgresql takes is to distinguish between "trusted" (sandboxed) and "untrusted"
(anything goes) UDF languages. 
> Creating an untrusted language always requires superuser mode. Once that is done, creating
functions in it requires nothing special.
> Personally I would be fine with this approach, but I think it would be more useful to
have the extra permission on creating the function, and also wouldn't require adding explicit
> So I'd suggest just providing different CQL permissions for trusted and untrusted, i.e.
if you have CREATE FUNCTION permission that allows you to create sandboxed UDF, but you can
only create unsandboxed if you have CREATE UNTRUSTED.

This message was sent by Atlassian JIRA

View raw message