ddanielr commented on code in PR #55:
URL: 
https://github.com/apache/accumulo-classloaders/pull/55#discussion_r2748834623


##########
modules/local-caching-classloader/README.md:
##########
@@ -131,6 +131,29 @@ unexpected behavior to classloaders still using the file.
 * The local storage cache location **MUST** use a filesystem that supports
   atomic moves.
 
+## Security
+
+The Accumulo property `general.custom.classloader.lcc.allowed.urls.pattern` is
+another required parameter. It is used to limit the allowed URLs that can be
+fetched when downloading context definitions or context resources. Since the
+process using this factory will be using its own permissions to fetch
+resources, and placing a copy of those resources in a local directory where
+others may access them, that presents presents a potential file disclosure
+security risk. This property allows a system administrator to mitigate that
+risk by restricting access to only approved URLs. (e.g. to exclude non-approved
+locations like `file:/path/to/accumulo.properties` or
+`hdfs://host/path/to/accumulo/rfile.rf`).
+
+An example value for this property might look like:
+`https://example.com/path/to/contexts/.*` or
+`(file:/etc|hdfs://example[.]com:9000)/path/to/contexts/.*`
+
+Note: this property affects all URLs fetched by this factory, including context
+definition URLs and any resource URLs defined inside any fetched context
+definition. It should be updated by a system maintainer if any new context
+definitions have need to use new locations. It may be updated on a running
+system, and will take effect after approximately a minute.
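
Review bot: In the example values, the first pattern leaves the dot in `example.com` unescaped while the second writes `example[.]com`; in a regular expression the unescaped `.` matches any character, so the first example would also admit a host such as `exampleXcom`. Since administrators are likely to copy these values, suggest `https://example[.]com/path/to/contexts/.*` so both examples are consistent. The section also does not say whether the pattern has to match the entire URL or only part of it, or whether URLs are normalized before matching; with a trailing `.*`, a sentence stating both would tell the reader whether `..` path segments after the approved prefix are still accepted. Two wording nits in the same hunk: "that presents presents a potential file disclosure" repeats a word, and "have need to use new locations" reads better as "need to use new locations".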

Review Comment:
   Is the approx minute delay configurable?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
