[
https://issues.apache.org/jira/browse/CASSANDRA-9402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14558586#comment-14558586
]
Aleksey Yeschenko commented on CASSANDRA-9402:
----------------------------------------------
I'm not sure that having whitelist patterns with blacklist exceptions is right
here. New classes get added in JDK, and it's easy to miss something unless you
perform constant audit. Same goes for the driver as well.
This exposes way, way too much by default. How much can we cut?
> Implement proper sandboxing for UDFs
> ------------------------------------
>
> Key: CASSANDRA-9402
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9402
> Project: Cassandra
> Issue Type: Task
> Reporter: T Jake Luciani
> Assignee: Robert Stupp
> Priority: Critical
> Labels: doc-impacting, security
> Fix For: 2.2.0 rc1
>
>
> We want to avoid a security exploit for our users. We need to make sure we
> ship 2.2 UDFs with good defaults so someone exposing it to the internet
> accidentally doesn't open themselves up to having arbitrary code run.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
