Hello,
After some interactions with Apache Security Team (especially Arnout), I
thought it would be a good idea to start writing a document listing the
security considerations around the Arrow formats (in-memory, IPC, etc.).
I have drafted such a document at
https://github.com/apache/arrow/pull/48870 . Comments are welcome on the
PR or in this discussion thread.
Separately, I think we should write such security documents for each
major implementation. I will probably work on one for Arrow C++.
Regards
Antoine.
