Robert Muir created SOLR-14018:
----------------------------------
Summary: sandbox velocity into oblivion
Key: SOLR-14018
URL: https://issues.apache.org/jira/browse/SOLR-14018
Project: Solr
Issue Type: Improvement
Security Level: Public (Default Security Level. Issues are Public)
Reporter: Robert Muir
followup to SOLR-19993.
The thing has too many read permissions now. it is due to my hacky first stab
at the thing. instead of wrapping the whole block of code in a sandbox, we
should go a little deeper, there are two things:
* Script "engine" (with all the shit needed to compile and run the script)
* Script compiled code (stuff from the luser that we definitely do not trust)
If we can split the permissions into these two, then the second one has no
permissions and can't mess around as much.
It just takes wrestling, tests, and time.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
