cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jaikiran pai (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-12883) Remove support for non-JavaScript UDFs
Date Fri, 07 Apr 2017 06:49:41 GMT


jaikiran pai commented on CASSANDRA-12883:

[~snazy], the release notes of 2.2.9 release and the title of this JIRA states that non-JavaScripts
UDFs won't be supported. The comments in this JIRA and one of the _comment_ in the commit
[1] seem to indicate that both "java" and "javasciprt" languages will be supported going forward
(including 2.2.9). However, looking at the commit [1] there seems to be an explicit check
on the "javascript" language. Does that mean if I have a UDF with:


it's going  to fail starting 2.2.9? I haven't yet had a chance to try this with 2.2.9, hence
this question.


> Remove support for non-JavaScript UDFs
> --------------------------------------
>                 Key: CASSANDRA-12883
>                 URL:
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: CQL
>            Reporter: Robert Stupp
>            Assignee: Robert Stupp
>            Priority: Minor
>             Fix For: 2.2.9, 3.0.11, 3.10
> As recently reported in the user mailing list, JSR-223 languages other than JavaScript
no longer work since version 3.0.
> The reason is that the sandbox implemented in CASSANDRA-9402 restricts the use of "evil"
packages, classes and functions. Unfortunately, even "non-evil" packages from JSR-223 providers
are blocked.
> In order to get a JSR-223 provider working fine, we need to allow JSR-223 provider specific
packages and also allow specific runtime permissions.
> The fact that "arbitrary" JSR-223 providers no longer work since 3.0 has just been reported
recently, means that this functionality (i.e. non-JavaSCript JSR-223 UDFs) is obviously not
> Therefore I propose to remove support for UDFs that do not use Java or JavaScript in
4.0. This will also allow to specialize scripted UDFs on Nashorn and allow to use its security
features, although these are limited, more extensively. (Clarification: this ticket is just
about to remove that support)
> Also want to point out that we never "officially" supported UDFs that are not Java or
> Sample error message:
> {code}
> Traceback (most recent call last):
>   File "/usr/bin/", line 1264, in perform_simple_statement
>     result = future.result()
>   File "/usr/share/cassandra/lib/",
line 3650, in result
>     raise self._final_exception
> FunctionFailure: Error from server: code=1400 [User Defined Function failure] message="execution
of 'e.test123[bigint]' failed: access denied: ("java.lang.RuntimePermission"
> {code}

This message was sent by Atlassian JIRA

View raw message