geode-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juan José Ramos <>
Subject Re: [PROPOSAL]: Improve OQL Method Invocation Security
Date Fri, 14 Jun 2019 23:39:42 GMT
Hey Jake,

Thanks for bringing this up. As you might have found out already, english
is not my native language, I actually had to do some research to find out
*exactly what you meant* regarding the bias around the "whitelist" word
:-|... It was an honest mistake and I sincerely apologize in advance if
anyone got offended in any way.
That said, I won't have time to go through the proposal and make the
required changes until next week, so I'll keep the document hidden until
all biased words are replaced.

On Sat, Jun 15, 2019 at 12:25 AM Jacob Barrett <> wrote:

> > As part of GEODE-3247 <>,
> several options were analysed and, after considering the wealth of security
> holes and the difficulty of determining which methods deployed by the
> developer were intended to be available for queries and which were not, the
> decision was made to tighten up the Security and, by default, disallow any
> method call not explicitly whitelisted.
> Please avoid biased words, like whitelist, in source and proposals. There
> are several other places in this document that use these terms. Can you
> please update the document without them.
> Thanks,
> Jake

Juan José Ramos Cassella
Senior Technical Support Engineer
Office#: +353 21 4238611
Mobile#: +353 87 2074066
After Hours Contact#: +1 877 477 2269
Office Hours: Mon - Thu 08:30 - 17:00 GMT. Fri 08:30 - 16:00 GMT
How to upload artifacts:
How to escalate a ticket:

[image: support] <> [image: twitter]
<> [image: linkedin]
<> [image: facebook]
<> [image: google plus]
<> [image: youtube]

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message