tinkerpop-commits mailing list archives

From jorg...@apache.org
Subject [47/50] [abbrv] tinkerpop git commit: Updated security docs a bit for Gremlin Server CTR
Date Wed, 20 Sep 2017 10:32:54 GMT
Updated security docs a bit for Gremlin Server CTR


Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/9a695169
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/9a695169
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/9a695169

Branch: refs/heads/TINKERPOP-1730
Commit: 9a695169d59213e7ddf80eb4d08a897815fa7466
Parents: 97aef32
Author: Stephen Mallette <spmva@genoprime.com>
Authored: Tue Sep 19 13:43:03 2017 -0400
Committer: Stephen Mallette <spmva@genoprime.com>
Committed: Tue Sep 19 13:56:26 2017 -0400

----------------------------------------------------------------------
 docs/src/reference/gremlin-applications.asciidoc | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/9a695169/docs/src/reference/gremlin-applications.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc
index 7e72d33..5af699f 100644
--- a/docs/src/reference/gremlin-applications.asciidoc
+++ b/docs/src/reference/gremlin-applications.asciidoc
@@ -384,6 +384,10 @@ on how to develop a driver for Gremlin Server.
 By default, communication with Gremlin Server occurs over link:http://en.wikipedia.org/wiki/WebSocket[WebSocket]
and
 exposes a custom sub-protocol for interacting with the server.
 
+WARNING: Gremlin Server allows for the execution of remotely submitted "scripts" (i.e. arbitrary
code sent by a client
+to the server). Developers should consider the security implications involved in running
Gremlin Server without the
+appropriate precautions. Please review the <<script-execution,Script Execution Section>>
for more information.
+
 [[starting-gremlin-server]]
 Starting Gremlin Server
 ~~~~~~~~~~~~~~~~~~~~~~~
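Review bot: The new WARNING at the top of this hunk tells the reader to "consider the security implications" and apply "appropriate precautions" without naming any of them; since this paragraph is the first thing someone reads before starting the server, one sentence listing the concrete controls that the linked section covers (authentication, TLS, and the script engine sandbox via `CompilerCustomizerProvider`) would make the admonition actionable rather than just cautionary. Also confirm that a `[[script-execution]]` anchor actually exists in this file, since the cross-reference `<<script-execution,Script Execution Section>>` is introduced here but the anchor is not visible in either hunk, and AsciiDoc renders a dangling xref as a broken link rather than failing the build.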
@@ -1328,8 +1332,14 @@ some problems would be, `while(true) {}`, which would consume a thread
in the Gr
 preventing it from serving other requests.  Sending enough of these kinds of scripts would
eventually consume all
 available threads and Gremlin Server would stop responding.
 
-Gremlin Server (more specifically the `GremlinGroovyScriptEngine`) provides methods to protect
itself from these
-kinds of troublesome scripts.  A user can configure the script engine with different `CompilerCustomizerProvider`
+Scripts have access to the full power of their language and the JVM on which they are running.
This means that they
+can access certain APIs that have nothing to do with Gremlin itself, such as `java.lang.System`
or the `java.io`
+and `java.net` packages. Scripts offer developers a lot of flexibility, but having that flexibility
comes at the cost
+of safety. A Gremlin Server instance that is not secured appropriately provides for a big
security risk.
+
+The previous sections discussed methods for securing Gremlin Server through authentication
and encryption, which is a
+good first step in protection. Another layer of protection comes in the form of specific
configurations for the
+`GremlinGroovyScriptEngine`.  A user can configure the script engine with different `CompilerCustomizerProvider`
 implementations.  Consider the basic configuration from the Gremlin Server YAML file:
 
 [source,yaml]
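Review bot: The replacement text loses the explicit link between the `while(true) {}` example above and the `CompilerCustomizerProvider` configuration below. The removed sentence ("provides methods to protect itself from these kinds of troublesome scripts") was what told the reader that the customizers address those resource-exhaustion scripts; the new wording ("Another layer of protection comes in the form of specific configurations") no longer says what that layer protects against. Suggest restoring the connection, e.g. "Another layer of protection, which addresses both the resource-exhaustion scripts above and access to non-Gremlin APIs such as `java.lang.System`, comes in the form of ...". Two smaller points: "provides for a big security risk" reads awkwardly and would be clearer as "poses a significant security risk"; and it is worth stating plainly that authentication and encryption limit who can submit scripts but not what an authenticated client's script can do, which is exactly why the script engine configuration is needed as a separate layer.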

