Return-Path: X-Original-To: apmail-ignite-dev-archive@minotaur.apache.org Delivered-To: apmail-ignite-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D8EB9185C1 for ; Wed, 29 Jul 2015 01:25:09 +0000 (UTC) Received: (qmail 40985 invoked by uid 500); 29 Jul 2015 01:25:09 -0000 Delivered-To: apmail-ignite-dev-archive@ignite.apache.org Received: (qmail 40946 invoked by uid 500); 29 Jul 2015 01:25:09 -0000 Mailing-List: contact dev-help@ignite.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ignite.incubator.apache.org Delivered-To: mailing list dev@ignite.incubator.apache.org Received: (qmail 40934 invoked by uid 99); 29 Jul 2015 01:25:09 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 29 Jul 2015 01:25:09 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 1669EC0337 for ; Wed, 29 Jul 2015 01:25:09 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.792 X-Spam-Level: * X-Spam-Status: No, score=1.792 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=3, RCVD_IN_MSPIKE_H2=-1.108, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-us-east.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id gfKQ7vcM32R5 for ; Wed, 29 Jul 2015 01:25:02 +0000 (UTC) Received: from mail-io0-f180.google.com (mail-io0-f180.google.com [209.85.223.180]) by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTPS id 01317428DF for ; Wed, 29 Jul 2015 01:25:02 +0000 (UTC) Received: by iodd187 with SMTP id d187so6119243iod.2 for ; Tue, 28 Jul 2015 18:25:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=COu/TM+MKGeZV5ZC3HR/1SwNPpLsBxZl/u+5urnSpVk=; b=dShjsqJshuE0f9mrnmpZWB6KUR3MKCz0ZJzu3sPODy9VljOsbisk5P0BCbSL03iThd 9WFAG9Q0qydqNo4Vf8ujjx4QC41/I/rtfdESqOOol2XPNjGyBfZPH7dL/5Nbsm05m7jQ FPoWUt5js9nevu0AkT5G5KAJc4ZJ+cSpN4DaSJNvKc1V9sgNvYY32G+4qhF+r7d0L3Az M7JoI/cDagEj6+w6sH2Tvb+K6O6/wimODDxaIlxLTLeM8sfEgL+5M7YTupDoCFagJtl5 hHe1D3km+TMLtp79ZI6uv4d2vOwN1jGc7PA7m5+cwo8QbOIckeCIiXnUC26EE+h5yfoI +ecg== MIME-Version: 1.0 X-Received: by 10.107.138.152 with SMTP id c24mr56877252ioj.74.1438133101657; Tue, 28 Jul 2015 18:25:01 -0700 (PDT) Received: by 10.107.145.134 with HTTP; Tue, 28 Jul 2015 18:25:01 -0700 (PDT) In-Reply-To: References: <20150728182044.GC30506@boudnik.org> <20150728185143.GE30506@boudnik.org> <55B7E32A.4050504@apache.org> Date: Tue, 28 Jul 2015 18:25:01 -0700 Message-ID: Subject: Re: automatically deploying user libraries From: Valentin Kulichenko To: dev@ignite.incubator.apache.org Content-Type: multipart/alternative; boundary=001a113f2b4eaa0951051bf9746d --001a113f2b4eaa0951051bf9746d Content-Type: text/plain; charset=UTF-8 Guys, I'm not sure I understand the purpose of this discussion. Maven-based and Git-based providers are just examples of pluggable implementations that we can provide out of the box - user is never forced to use them. I see two main use cases for the feature: - Dynamic deployment and redeployment of user's code during development. From my experience it can noticeably speed up the development, so I really like it. And Git+Maven approach fits here very well, BTW. - Interactive apps where users are allowed to deploy their custom stuff. Security concerns are valid here, of course. But it's up to developer to choose proper mechanisms of deployment and security. I think we should discuss the feature itself, its API and how to provide good abstraction that will allow the user to customize it in the way he needs to achieve his goals and ensure required level security. -Val On Tue, Jul 28, 2015 at 3:29 PM, Ognen Duzlevski wrote: > > > > It's called a remote code execution exploit. Anyone who has write access > > to the repo (i.e., anyone who can hack in) can change the deployed code > > and DOS your whole cluster. > > > > I believe these decisions are best left to the end user, the mechanism > proposed may or may not have valid uses for you but it may have valid uses > to others. I am an old dog too and I don't practice or agree with some of > the stuff "software engineers" pass along as good practice these days but > that doesn't mean other people should be deprived of a possibility. At the > end of the day, so long as the source code to something is online or on a > machine connected to the Internet, there is risk. Ever since that one paper > got us thinking ( > https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf) ... > --001a113f2b4eaa0951051bf9746d--