dbardbar commented on issue #11929: URL: https://github.com/apache/druid/issues/11929#issuecomment-972580953
@gianm - I understand the need, and it does seem great. However, I'm a bit worried about security. We have code that handles abstract requests from the user, translates them to SQL, and passes the SQL to Druid. The user has extensive ways to influence the query (filtered fields, etc.) indirectly. We do have protections against SQL-injection-like malicious requests, but with the existing SQL capabilities, we knew that even if we missed something in our protections, the worst that could happen would be read-only operations, possibly from other tenants tables. If this would happen it would be very severe, but less severe than being able to modify the state of druid. In short - would this feature be protected under some user permission, or some global flag? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
