chaokunyang commented on code in PR #173: URL: https://github.com/apache/fury-site/pull/173#discussion_r1732138770
########## docs/guide/java_serialization_guide.md: ########## @@ -259,12 +254,11 @@ Fury fury=getFury(); ### Security & Class Registration -`FuryBuilder#requireClassRegistration` can be used to disable class registration, this will allow to deserialize objects unknown types, more flexible but **may be insecure if the classes contains malicious code**. +`FuryBuilder#requireClassRegistration` can be used to disable class registration, this will allow to deserialize objects unknown types, more flexible but ****if the class contains malicious code, a security breach can occur**.**. Review Comment: ```suggestion `FuryBuilder#requireClassRegistration` can be used to disable class registration, this will allow to deserialize objects unknown types, more flexible but ****if the class contains malicious code, a security vulnerability can occur**.**.l ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
