[
https://issues.apache.org/jira/browse/HIVE-12855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15095446#comment-15095446
]
Sergey Shelukhin commented on HIVE-12855:
-----------------------------------------
[~hagleitn] this is potentially a security concern (unreleased version, so I
created the JIRA). Only the code on classpath can be executed, and you have to
be authenticated to connect to LLAP in the first place, but after that any UDF
that LLAP can load from somewhere can be executed by commenting out one line in
the decider (or by making a request manually).
> LLAP: add checks when resolving UDFs to enforce whitelist
> ---------------------------------------------------------
>
> Key: HIVE-12855
> URL: https://issues.apache.org/jira/browse/HIVE-12855
> Project: Hive
> Issue Type: Sub-task
> Reporter: Sergey Shelukhin
>
> Currently, adding a temporary UDF and calling LLAP with it (bypassing the
> LlapDecider check, I did it by just modifying the source) only fails because
> the class could not be found. If the UDF was accessible to LLAP, it would
> execute.
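The server-side check this issue asks for, shown as an added Java example that is not part of the original message and is not Hive or LLAP code: the executing side checks the requested UDF class name against its own allowlist before it touches the class loader, so a request that skips the client-side decider is still rejected. The class `AllowlistedUdfResolver`, its `resolve` method and the sample class names are hypothetical.

```java
import java.util.Set;

/**
 * Added illustration (hypothetical names, not Hive/LLAP code): resolve a UDF
 * class named in a request only if it is on a server-side allowlist.
 */
public class AllowlistedUdfResolver {
    private final Set<String> allowed;   // fully qualified class names permitted to run
    private final ClassLoader loader;

    public AllowlistedUdfResolver(Set<String> allowed, ClassLoader loader) {
        this.allowed = Set.copyOf(allowed);   // immutable copy, cannot change after startup
        this.loader = loader;
    }

    /** Returns the class only if allowlisted; the check runs BEFORE class loading. */
    public Class<?> resolve(String className) throws ClassNotFoundException {
        if (className == null || !allowed.contains(className)) {
            // Exact-name match: "class could not be found" is never the only barrier.
            throw new SecurityException("UDF not permitted: " + className);
        }
        // initialize=false: resolution alone must not run static initializers.
        return Class.forName(className, false, loader);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample allowlist; java.lang.String stands in for a permitted UDF class.
        AllowlistedUdfResolver resolver = new AllowlistedUdfResolver(
            Set.of("java.lang.String"),
            AllowlistedUdfResolver.class.getClassLoader());

        System.out.println("allowed:  " + resolver.resolve("java.lang.String").getName());

        // java.util.ArrayList is loadable from the classpath but not allowlisted.
        // Without the check it would resolve, which is the gap the issue describes.
        try {
            resolver.resolve("java.util.ArrayList");
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The example needs Java 10 or later for `Set.copyOf`.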