chaokunyang commented on code in PR #173:
URL: https://github.com/apache/fury-site/pull/173#discussion_r1732139015


##########
docs/guide/java_serialization_guide.md:
##########
@@ -259,12 +254,11 @@ Fury fury=getFury();
 
 ### Security & Class Registration
 
-`FuryBuilder#requireClassRegistration` can be used to disable class 
registration, this will allow to deserialize objects unknown types, more 
flexible but **may be insecure if the classes contains malicious code**.
+`FuryBuilder#requireClassRegistration` can be used to disable class 
registration, this will allow to deserialize objects unknown types, more 
flexible but ****if the class contains malicious code, a security breach can 
occur**.**.
 
-**Do not disable class registration unless you can ensure your environment is 
secure**.
+**Do not disable class registration checking unless you can ensure the 
security of your runtime environment and external interactions**.
 
-Malicious code in `init/equals/hashCode` can be executed when deserializing 
unknown/untrusted types when this option
-disabled.
+Malicious code in `init/equals/hashCode` can be executed when deserializing 
unknown/untrusted types when this option disabled.

Review Comment:
   ```suggestion
   Malicious code in `init/equals/hashCode` can be executed when deserializing 
unknown/untrusted types when this option is disabled.
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to