[ 
https://issues.apache.org/jira/browse/PHOENIX-4231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16361660#comment-16361660
 ] 

Andrew Purtell edited comment on PHOENIX-4231 at 2/13/18 12:49 AM:
-------------------------------------------------------------------

No, we want to restrict loading to hbase.dynamic.jars.dir. Or we could define a 
Phoenix specific directory for UDFs, configurable by site file.

Whether or not the user can write to the directory isn't important. In fact, in 
our production we don't want the user to be able to write jars to HDFS at all. 
We will preposition safe and vetted UDF jars in HDFS and Phoenix can load them 
from there, but ONLY from there.

In another environment, if the administrator wants to grant write permissions 
for users to upload arbitrary UDF jars (terribly unsafe, IMHO), that could be 
fine. Not what we want, though.

Either way, we want UDF loading to be restricted to one place only.


was (Author: apurtell):
No, we want to restrict loading to hbase.dynamic.jars.dir. Or we could define a 
Phoenix specific directory for UDFs, configurable by site file.

Whether or not the user can write to the directory isn't important. In fact, in 
our production we don't want the user to be able to write jars to HDFS at all. 
We will preposition safe and vetted UDF jars in HDFS and Phoenix can load them 
from there, but ONLY from there.

> Support restriction of remote UDF load sources 
> -----------------------------------------------
>
>                 Key: PHOENIX-4231
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-4231
>             Project: Phoenix
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Chinmay Kulkarni
>            Priority: Major
>
> When allowUserDefinedFunctions is true, users can load UDFs remotely via a 
> jar file from any HDFS filesystem reachable on the network. The setting 
> hbase.dynamic.jars.dir can be used to restrict locations for jar loading but 
> is only applied to jars loaded from the local filesystem.  We should 
> implement support for similar restriction via configuration for jars loaded 
> via hdfs:// URIs.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to