geode-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juan José Ramos <jra...@pivotal.io>
Subject Re: [PROPOSAL]: Improve OQL Method Invocation Security
Date Wed, 19 Jun 2019 16:55:18 GMT
Hello all,

I've removed all "biased" words I could find from the original document so
the *Proposal [1]* is ready for review and discussion now. All feedback is
welcome.
Best regards.

[1]:
https://cwiki.apache.org/confluence/display/GEODE/OQL+Method+Invocation+Security

On Fri, Jun 14, 2019 at 8:39 PM Juan José Ramos <jramos@pivotal.io> wrote:

> Hey Jake,
>
> Thanks for bringing this up. As you might have found out already, english
> is not my native language, I actually had to do some research to find out
> *exactly what you meant* regarding the bias around the "whitelist" word
> :-|... It was an honest mistake and I sincerely apologize in advance if
> anyone got offended in any way.
> That said, I won't have time to go through the proposal and make the
> required changes until next week, so I'll keep the document hidden until
> all biased words are replaced.
> Cheers.
>
>
> On Sat, Jun 15, 2019 at 12:25 AM Jacob Barrett <jbarrett@pivotal.io>
> wrote:
>
>> > As part of GEODE-3247 <https://issues.apache.org/jira/browse/GEODE-3247>,
>> several options were analysed and, after considering the wealth of security
>> holes and the difficulty of determining which methods deployed by the
>> developer were intended to be available for queries and which were not, the
>> decision was made to tighten up the Security and, by default, disallow any
>> method call not explicitly whitelisted.
>>
>> Please avoid biased words, like whitelist, in source and proposals. There
>> are several other places in this document that use these terms. Can you
>> please update the document without them.
>>
>> Thanks,
>> Jake
>>
>>
>
> --
> Juan José Ramos Cassella
> Senior Technical Support Engineer
> Email: jramos@pivotal.io
> Office#: +353 21 4238611
> Mobile#: +353 87 2074066
> After Hours Contact#: +1 877 477 2269
> Office Hours: Mon - Thu 08:30 - 17:00 GMT. Fri 08:30 - 16:00 GMT
> How to upload artifacts:
> https://support.pivotal.io/hc/en-us/articles/204369073
> How to escalate a ticket:
> https://support.pivotal.io/hc/en-us/articles/203809556
>
> [image: support] <https://support.pivotal.io/> [image: twitter]
> <https://twitter.com/pivotal> [image: linkedin]
> <https://www.linkedin.com/company/3048967> [image: facebook]
> <https://www.facebook.com/pivotalsoftware> [image: google plus]
> <https://plus.google.com/+Pivotal> [image: youtube]
> <https://www.youtube.com/playlist?list=PLAdzTan_eSPScpj2J50ErtzR9ANSzv3kl>
>


-- 
Juan José Ramos Cassella
Senior Technical Support Engineer
Email: jramos@pivotal.io
Office#: +353 21 4238611
Mobile#: +353 87 2074066
After Hours Contact#: +1 877 477 2269
Office Hours: Mon - Thu 08:30 - 17:00 GMT. Fri 08:30 - 16:00 GMT
How to upload artifacts:
https://support.pivotal.io/hc/en-us/articles/204369073
How to escalate a ticket:
https://support.pivotal.io/hc/en-us/articles/203809556

[image: support] <https://support.pivotal.io/> [image: twitter]
<https://twitter.com/pivotal> [image: linkedin]
<https://www.linkedin.com/company/3048967> [image: facebook]
<https://www.facebook.com/pivotalsoftware> [image: google plus]
<https://plus.google.com/+Pivotal> [image: youtube]
<https://www.youtube.com/playlist?list=PLAdzTan_eSPScpj2J50ErtzR9ANSzv3kl>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message