[
https://issues.apache.org/jira/browse/CASSANDRA-9402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14561745#comment-14561745
]
Jonathan Ellis commented on CASSANDRA-9402:
-------------------------------------------
I'm also a bit concerned about the whitelist/blacklist approach being error
prone.
What prior art is out there for this? Seems like something people would have
tried to solve before.
Can we label UDF experimental in 2.2 and ship based on the 9404 approach and
push this to 3.0?
> Implement proper sandboxing for UDFs
> ------------------------------------
>
> Key: CASSANDRA-9402
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9402
> Project: Cassandra
> Issue Type: Task
> Reporter: T Jake Luciani
> Assignee: Robert Stupp
> Priority: Critical
> Labels: doc-impacting, security
> Fix For: 2.2.0 rc1
>
>
> We want to avoid a security exploit for our users. We need to make sure we
> ship 2.2 UDFs with good defaults so someone exposing it to the internet
> accidentally doesn't open themselves up to having arbitrary code run.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
