[
https://issues.apache.org/jira/browse/ACCUMULO-1188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13760440#comment-13760440
]
John Stoneham commented on ACCUMULO-1188:
-----------------------------------------
It would be helpful to have iterators running in a Java security sandbox as
well. That way, we could write iterators that could receive custom scripts
(Groovy, Clojure, JSR223, whatever) as parameters, without having to be
vulnerable to some user passing System.exec("rm -rf /"). (Say, a user that's
trusted to call into Accumulo but not to have access to the tserver directly.)
> Sandbox iterators
> -----------------
>
> Key: ACCUMULO-1188
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1188
> Project: Accumulo
> Issue Type: Bug
> Reporter: Keith Turner
> Fix For: 1.6.0
>
> Attachments: ACCUMULO-1188_fig1.png
>
>
> It's possible that a user iterator can bring down a tablet server. For
> example if it has an OOM or creates too many threads. It would be nice if
> iterators could be sandboxed in some way.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
