[jira] [Commented] (CASSANDRA-15005) Configurable whilelist for UDFs

Tue, 14 Dec 2021 10:00:07 -0800 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-15005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459375#comment-17459375
 ] 

Benjamin Lerer commented on CASSANDRA-15005:
--------------------------------------------

Introducing a different way of plugging some functions sound like a hack to me 
and I am strongly against it. It comes with its new set of problems as suddenly 
those function will be considered as native functions belonging to the system 
keyspace. Those functions will also be ignored by most backup tools. I would 
rather improve the UDF framework or add new native functions. 

> Configurable whilelist for UDFs
> -------------------------------
>
>                 Key: CASSANDRA-15005
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-15005
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: CQL/Interpreter
>            Reporter: Adam Soroka
>            Priority: Low
>
> I would like to use the UDF system to distribute some simple calculations on 
> values. For some use cases, this would require access only to some Java API 
> classes that aren't on the (hardcoded) whitelist (e.g. 
> {{java.security.MessageDigest}}). In other cases, it would require access to 
> a little non-C* library code, pre-distributed to nodes by out-of-band means.
> As I understand the situation now, the whitelist for types UDFs can use is 
> hardcoded in java in 
> [UDFunction|[https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/cql3/functions/UDFunction.java#L99].]
> This ticket, then, is a request for a facility that would allow that list to 
> be extended via some kind of deployment-time configuration. I realize that 
> serious security concerns immediately arise for this kind of functionality, 
> but I hope that by restricting it (only used during startup, no exposing the 
> whitelist for introspection, etc.) it could be quite practical.
> I'd like very much to assist with this ticket if it is accepted. (I believe I 
> have sufficient Java skill to do that, but no real familiarity with C*'s 
> codebase, yet. :) )



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to