[ https://issues.apache.org/jira/browse/IGNITE-12283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Denis Garus updated IGNITE-12283: --------------------------------- Description: IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack. We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code. Additionally, a proxied instance of Ignite allows users to use public API of Ignite. Otherwise, using public API inside the sandbox without proxying can be the reason for access control errors. was: IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack. We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code. > Access restriction to IgniteKernal > ---------------------------------- > > Key: IGNITE-12283 > URL: https://issues.apache.org/jira/browse/IGNITE-12283 > Project: Ignite > Issue Type: Task > Reporter: Denis Garus > Assignee: Denis Garus > Priority: Major > Labels: iep-38 > Time Spent: 10m > Remaining Estimate: 0h > > IgniteKernal allows a user-defined code to get access to the internal > features of Ignite. That behavior leads to security lack. > We must encapsulate _IgniteKernal_ to restrict access to it from > user-defined code. > Additionally, a proxied instance of Ignite allows users to use public API of > Ignite. Otherwise, using public API inside the sandbox without proxying can > be the reason for access control errors. -- This message was sent by Atlassian Jira (v8.3.4#803005)