[
https://issues.apache.org/jira/browse/CALCITE-5292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17607453#comment-17607453
]
Jiajun Xie commented on CALCITE-5292:
-------------------------------------
+1, I already have a policy that can prevent SQL statements from running if
they contain certain functions.
But for my employer, disable functions because of security issues. For
example, reflect UDF.
> Add a policy that can prevent SQL statements from running if they contain
> certain functions / operators
> --------------------------------------------------------------------------------------------------------
>
> Key: CALCITE-5292
> URL: https://issues.apache.org/jira/browse/CALCITE-5292
> Project: Calcite
> Issue Type: Bug
> Reporter: Julian Hyde
> Priority: Major
>
> Add a policy that can prevent SQL statements from running if they contain
> certain operators, including built-in functions and operators.
> One use of this policy would be to disable functions that contain serious
> bugs. For example, we could have prevented use of {{EXTRACTVALUE}} as a
> workaround to CALCITE-5263.
> Calcite's predecessor [LucidDB|https://github.com/LucidDB/luciddb] had
> policy-driven access to tables, but this code was never fully enabled in
> Calcite. Ironically, the last remaining code was deprecated in CALCITE-4953.
> We should consider reviving the policy and making it handle tables and
> functions/operators.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
