Github user spmallette commented on the issue:

https://github.com/apache/tinkerpop/pull/179

I don't see a reference to `methodBlackList` in this PR, but if we were to just reduce the question to why do we have whitelisting and no blacklisting then I think I could probably answer that. I'd rather not support blacklisting in TinkerPop, as it just seems to lead people into thinking they have a secure solution when they soon learn that they'd forgotten yet another harmful entry to blacklist.

I think that the whitelist works really well in TinkerPop, because the base list of classes required to execute Gremlin is small (and really that's all we care about from TinkerPop's perspective). Whitelisting tends to work best in cases like this as it assumes everything is bad except for this small, easy to maintain list. Since whitelisting fits this situation so well, a blacklist feels a bit useless - extra code without purpose which we try to avoid.

Obviously, we do have the `SimpleSandboxExtension` which does some basic blacklisting but it's mostly for demonstration and for basic protection from the worst of the worst, `System.exit()`.

Does that make sense?
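As an added example (not TinkerPop's own sandbox code), the Python sketch below contrasts the two policies the comment describes: a default-deny allowlist of method descriptors against a default-allow denylist, showing that the denylist silently accepts any call it never listed. The `class#method(argtypes)` descriptor format, the pattern lists and the sample calls are constructed for illustration.

```python
"""Allowlist vs denylist evaluation of the method calls a sandboxed script makes."""
import re
from typing import Iterable, List, Tuple

# Constructed allowlist in the spirit of a Gremlin sandbox: only what a traversal
# needs. The "fqcn#method(argtypes)" descriptor format is an assumption.
ALLOW_PATTERNS: List[re.Pattern] = [re.compile(p) for p in (
    r"org\.apache\.tinkerpop\.gremlin\..*",            # traversal machinery
    r"java\.lang\.Math#.*",                             # arithmetic helpers
    r"java\.lang\.(Integer|Long|Double|String)#.*",     # boxed values and strings
)]

# Constructed denylist holding only the page's own "worst of the worst" entry.
DENY_PATTERNS: List[re.Pattern] = [re.compile(p) for p in (
    r"java\.lang\.System#exit\(int\)",
)]


def allowlist_permits(descriptor: str) -> bool:
    """Default deny: permitted only when some allow pattern matches the whole descriptor."""
    return any(p.fullmatch(descriptor) for p in ALLOW_PATTERNS)


def denylist_permits(descriptor: str) -> bool:
    """Default allow: rejected only when some deny pattern matches the whole descriptor."""
    return not any(p.fullmatch(descriptor) for p in DENY_PATTERNS)


def check_script(descriptors: Iterable[str], use_allowlist: bool = True) -> Tuple[bool, List[str]]:
    """Evaluate every call a script makes; return (accepted, rejected_descriptors)."""
    permits = allowlist_permits if use_allowlist else denylist_permits
    rejected = [d for d in descriptors if not permits(d)]
    return (not rejected, rejected)


# Constructed descriptors for one script, including a call neither list anticipated.
SCRIPT_CALLS = [
    "org.apache.tinkerpop.gremlin.process.traversal.dsl.graph.GraphTraversalSource#V()",
    "java.lang.Math#abs(int)",
    "java.lang.System#exit(int)",
    "com.example.Unlisted#doSomething()",   # placeholder for a forgotten entry
]

if __name__ == "__main__":
    for mode in (True, False):
        ok, rejected = check_script(SCRIPT_CALLS, use_allowlist=mode)
        print("allowlist" if mode else "denylist", "accepted" if ok else "rejected", rejected)
```

Run as-is, both modes reject the script because of `System.exit`, but only the allowlist also rejects the unlisted placeholder call.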
