cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gus Heck (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-13396) Cassandra 3.10: ClassCastException in ThreadAwareSecurityManager
Date Thu, 29 Jun 2017 22:38:00 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-13396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16069133#comment-16069133
] 

Gus Heck commented on CASSANDRA-13396:
--------------------------------------

Looking forward to the resolution of this issue in any of the following ways:

1) Don't load this security manager and policies if UDF's are configured to be disabled 
2) Handle other possible loggers conditionally (log4j2 being my case)
3) Provide an option to run with insecure UDF's ( by not installing this security manager).
Not everyone is exposing UDF's to folks they don't trust. In some use cases it might be a
feature to be able to read system properties etc.

Glancing at the discussion it sounds like this is heading towards a "break UDF's but continue"
strategy, which will also work for me since I don't need UDF's but seems likely to trip folks.

My exact itch is documented here: https://github.com/nsoft/jesterj/issues/89

If option 1 or 3 were available, that would greatly simplify my life, because this security
manager installs policies in a class initializer and these policies assume a codePath with
a url scheme of "file" but in my case the scheme is "onejar"... which forced me into lots
of gyrations to force an early load and then un-set your policies so that the rest of my code
could have permissions.


> Cassandra 3.10: ClassCastException in ThreadAwareSecurityManager
> ----------------------------------------------------------------
>
>                 Key: CASSANDRA-13396
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13396
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: Edward Capriolo
>            Assignee: Eugene Fedotov
>            Priority: Minor
>
> https://www.mail-archive.com/user@cassandra.apache.org/msg51603.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message