dgarus commented on a change in pull request #8237: URL: https://github.com/apache/ignite/pull/8237#discussion_r494067263
########## File path: docs/_docs/security/sandbox.adoc ########## 
@@ -0,0 +1,80 @@ += The Ignite Sandbox + +== Overview +Ignite allows using a user-defined code that can be a compute job, event filter, message listener, etc. +This user-defined code can utilize Java features to get access to host resources. +For example, it can create/update/delete files; create sockets; read/update/delete system properties; use reflection API and so on. +To restrict user-defined code options you may use the Ignite Sandbox based on the Java Sandbox model. + +You can read about the Java Sandbox model link:https://docs.oracle.com/en/java/javase/11/security/java-se-platform-security-architecture.html#GUID-C203D80F-C730-45C3-AB95-D4E61FD6D89C[here,window=_blank]. + +== Ignite Sandbox activation + +There are some conditions to activate the Ignite Sandbox. + +- The first condition is _the SecurityManager must be installed_. + +Due to the fact, that Ignite Sandbox is based on the Java Sandbox model, and the SecurityManager is an important part of that model, you need to have it installed. +The SecurityManager is responsible for checking, which security policy is currently in effect. It also performs access control checks. +The security manager is not automatically installed when an application is running. If you run Ignite as a separate application, +you must invoke the Java Virtual Machine with the `-Djava.security.manager` command-line argument (which sets the value of the `java.security.manager property`). +There is also a -Djava.security.policy command-line argument, defining, which policy files are utilized. +If you don't include `-Djava.security.policy` into the command line, then the policy files specified in the security properties file will be used. + +You can read more about Security Management link:https://docs.oracle.com/javase/8/docs/technotes/guides/security/spec/security-spec.doc6.html#a19349[here,window=_blank]. 
+ +NOTE: It may be convenient adding the security manager and the policy command-line arguments to `{IGNITE-HOME}/bin/ignite.sh|ignite.bat` script. +Read more about link:/quick-start/java#starting_a_node[starting a node]. + +NOTE: Ignite should have enough permissions to work correctly. +You may apply the most straightforward way that is granting to Ignite the `java.security.AllPermission` permission, +but you should remember the "giving permissions as low as possible" security principle. + +- The second condition to activate the Ignite Sandbox is _an implementation of the `GridSecurityProcessor` interface must be installed_.
Review comment: ok
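Review bot: The second NOTE under "Ignite Sandbox activation" offers `java.security.AllPermission` as "the most straightforward way" and gives no narrower alternative, so it is the only grant a reader can copy from this page. Suggest stating which code the grant is meant to cover (for example, a policy `grant` entry limited to the Ignite code base, leaving user-defined code out of it) and replacing "giving permissions as low as possible" with the usual term, the principle of least privilege. Two markup points in the same section: in `java.security.manager property` the closing backtick should come right after `manager`, and the first mention of -Djava.security.policy is missing its backticks while the next line has them. The paragraphs between the two "- The ... condition" items are also not attached to the first item, so it is worth checking how the list renders.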
