[
https://issues.apache.org/jira/browse/PIG-3765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13911849#comment-13911849
]
Daniel Dai commented on PIG-3765:
---------------------------------
Overall, patch looks good. I have two comments:
1. In your use case, is user allowed to use PigServer/script engine in place of
Grunt? If so, we need to hook PigServer as well.
2. Do we need to change the signature of GruntParser which entails lengthy test
changes? Seems it is not absolutely needed, right?
> Ability to disable Pig commands and operators
> ---------------------------------------------
>
> Key: PIG-3765
> URL: https://issues.apache.org/jira/browse/PIG-3765
> Project: Pig
> Issue Type: New Feature
> Components: documentation, grunt
> Reporter: Prashant Kommireddi
> Assignee: Prashant Kommireddi
> Attachments: PIG-3765.patch, PIG-3765_2.patch
>
>
> This is an admin feature providing ability to blacklist or/and whitelist
> certain commands and operations. Pig exposes a few of these that could be not
> very safe in a multitenant environment. For example, "sh" invokes shell
> commands, "set" allows users to change non-final configs. While these are
> tremendously useful in general, having an ability to disable would make Pig a
> safer platform. The goal is to allow administrators to be able to have more
> control over user scripts. Default behaviour would still be the same - no
> filters applied on commands and operators.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
