ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis Garus (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (IGNITE-11410) Sandbox for user-defined code
Date Wed, 24 Jul 2019 07:57:00 GMT

     [ https://issues.apache.org/jira/browse/IGNITE-11410?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Denis Garus updated IGNITE-11410:
---------------------------------
    Description: 
We should provide a restricted environment (sandbox) in which to run user-defined code securely.
To get it done, we would use the java sandbox model.
 The java sandbox model allows restricting access from user-defined code to the system resources
or security-sensitive feature of java, for example, reflection.

The user-defined code contains:
 - StreamReceiver for DataStreamer:
 - EntryProcessor;
 - ComputeJob;
 - filter and transformer for ScanQuery.

The user-defined code will get permissions from GridSecuerityProcessor (security plugin).

  was:
We should provide a restricted environment in which to run user-defined code securely. To
get it done, we would use the java sandbox model.
 The java sandbox model allows restricting access from user-defined code to the system resources
or security-sensitive feature of java, for example, reflection.

The user-defined code contains:
 - StreamReceiver for DataStreamer:
 - EntryProcessor;
 - ComputeJob;
 - filter and transformer for ScanQuery.

The user-defined code will get permissions from GridSecuerityProcessor (security plugin).


> Sandbox for user-defined code
> -----------------------------
>
>                 Key: IGNITE-11410
>                 URL: https://issues.apache.org/jira/browse/IGNITE-11410
>             Project: Ignite
>          Issue Type: Task
>            Reporter: Anton Vinogradov
>            Assignee: Denis Garus
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> We should provide a restricted environment (sandbox) in which to run user-defined code
securely. To get it done, we would use the java sandbox model.
>  The java sandbox model allows restricting access from user-defined code to the system
resources or security-sensitive feature of java, for example, reflection.
> The user-defined code contains:
>  - StreamReceiver for DataStreamer:
>  - EntryProcessor;
>  - ComputeJob;
>  - filter and transformer for ScanQuery.
> The user-defined code will get permissions from GridSecuerityProcessor (security plugin).



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Mime
View raw message