[ https://issues.apache.org/jira/browse/TINKERPOP-2835?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dan Snoddy updated TINKERPOP-2835:
----------------------------------
    Description: 
When I run a query such as g.V().has('NAME',System.getenv()) our sandbox 
configuration blocks the execution of System.getenv(), however if the request 
is passed to one of the translators (e.g. GroovyTranslator), the query is 
executed (and could be used to reboot a machine, kill the Java VM, run OS level 
commands, etc):

`g.V().has("NAME",[("PATH"): 
("/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin .....`

 

  was:
When I run a query such as g.V().has('NAME',System.getenv()) our sandbox 
configuration blocks the execution of System.getenv(), however if the request 
is passed to one of the translators (e.g. GroovyTranslator), the query is 
executed (and could be used to reboot a machine, kill the Java VM, run OS level 
commands, etc):



g.V().has("NAME",[("PATH"):("/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin
 .....

 


> Query translation ignores sandbox limitations
> ---------------------------------------------
>
>                 Key: TINKERPOP-2835
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2835
>             Project: TinkerPop
>          Issue Type: Bug
>            Reporter: Dan Snoddy
>            Priority: Critical
>
> When I run a query such as g.V().has('NAME',System.getenv()) our sandbox 
> configuration blocks the execution of System.getenv(), however if the request 
> is passed to one of the translators (e.g. GroovyTranslator), the query is 
> executed (and could be used to reboot a machine, kill the Java VM, run OS 
> level commands, etc):
> `g.V().has("NAME",[("PATH"): 
> ("/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin .....`
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
