ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis Garus (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (IGNITE-11410) Security Engine fixes and test coverage. Phase #2.
Date Mon, 22 Jul 2019 09:38:00 GMT

     [ https://issues.apache.org/jira/browse/IGNITE-11410?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Denis Garus updated IGNITE-11410:
---------------------------------
    Description: 
We should provide a restricted environment in which to run user-defined code securely. To
get it done, we would use the java sandbox model.
 The java sandbox model allows restricting access from user-defined code to the system resources
or security sense feature of java, for example, reflection.

The user-defined code contains:
 - StreamReceiver for DataStreamer:
 - EntryProcessor;
 - ComputeJob;
 - filter and transformer for ScanQuery.

The user-defined code will get permissions from GridSecuerityProcessor (security plugin).

  was:
We should provide a restricted environment in which to run user-defined code securely. To
get it done, we would use the java sandbox model.
The java sandbox model allows restricting access from user-defined code to the system resources
or security sense feature of java, for example, reflection.

The user-defined code contains:
- StreamReceiver for DataStreamer:
- EntryProcessor;
- ComputeJob;
- filter and transformer for ScanQuery.

The user-defined code will get permissions from GridSecuerityProcessor (security plugin).


> Security Engine fixes and test coverage. Phase #2.
> --------------------------------------------------
>
>                 Key: IGNITE-11410
>                 URL: https://issues.apache.org/jira/browse/IGNITE-11410
>             Project: Ignite
>          Issue Type: Task
>            Reporter: Anton Vinogradov
>            Assignee: Denis Garus
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> We should provide a restricted environment in which to run user-defined code securely.
To get it done, we would use the java sandbox model.
>  The java sandbox model allows restricting access from user-defined code to the system
resources or security sense feature of java, for example, reflection.
> The user-defined code contains:
>  - StreamReceiver for DataStreamer:
>  - EntryProcessor;
>  - ComputeJob;
>  - filter and transformer for ScanQuery.
> The user-defined code will get permissions from GridSecuerityProcessor (security plugin).



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Mime
View raw message