CheneyYin commented on PR #7170: URL: https://github.com/apache/seatunnel/pull/7170#issuecomment-2223073444
> > Is there a risk of injection attacks? Some services based on Seatunnel may be injected with attack codes by users to destroy the production environment of the service provider. > > Thank you for raising the question. It is possible, for example, to loop in the code. However, internal deployment is generally based on user trust, and similar functions may be compromised, such as writing long loops in Redis Lua scripts Yes, if the usage scenario is internal, the risk is not high. However, it will bring security risks to commercial services using SeaTunnel, such as destructive shell attacks. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
