[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133719#comment-17133719
]
Ash Berlin-Taylor commented on CASSANDRA-15862:
---
Thanks [~aboudreault] ! (Work, as always, rather got away from me, and I fell
down when I needed to sign up for a new account)
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
> Components: Legacy/Core
>Reporter: Ash Berlin-Taylor
>Assignee: Sam Tunnicliffe
>Priority: Normal
> Fix For: 2.2.x, 3.0.x, 3.11.x, 4.0-alpha
>
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133649#comment-17133649
]
Jordan West commented on CASSANDRA-15862:
-
Patch LGTM. The failing unit tests are known to be flaky and are unrelated
(along with a clean run on trunk). Lets run the other parts of the suite
besides unit tests for good measure but otherwise +1.
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
> Components: Legacy/Core
>Reporter: Ash Berlin-Taylor
>Assignee: Sam Tunnicliffe
>Priority: Normal
> Fix For: 2.2.x, 3.0.x, 3.11.x, 4.0-alpha
>
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133375#comment-17133375
]
Alan Boudreault commented on CASSANDRA-15862:
-
Just created the python driver ticket about this:
https://datastax-oss.atlassian.net/browse/PYTHON-1250
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Ash Berlin-Taylor
>Priority: Normal
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128681#comment-17128681
]
Ash Berlin-Taylor commented on CASSANDRA-15862:
---
No, not at all! Feel free.
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Ash Berlin-Taylor
>Priority: Normal
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128647#comment-17128647
]
Jordan West commented on CASSANDRA-15862:
-
[~jjirsa] you beat me to it
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Ash Berlin-Taylor
>Priority: Normal
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128645#comment-17128645
]
Jeff Jirsa commented on CASSANDRA-15862:
Worth noting that while the python api is not in apache cassandra, that doesn't
mean there's not room to fix things here:
{code}
jjirsa:cassandra jjirsa$ grep -ir whitelist src/ | wc -l
19
jjirsa:cassandra jjirsa$ grep -ir blacklist src/ | wc -l
65
jjirsa:cassandra jjirsa$
{code}
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Ash Berlin-Taylor
>Priority: Normal
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[
https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128619#comment-17128619
]
Jordan West commented on CASSANDRA-15862:
-
[~ash] thank you for raising this issue. Its great you are making an effort to
change this. Unfortunately, at this time, the Python client is not *yet* under
the purview of this JIRA -- the drivers are not currently owned by the Apache
project. I will mention this ticket in our Slack channel where some of the
client developers are also present. I would recommend contacting the project
directly in the meantime:
https://datastax-oss.atlassian.net/projects/PYTHON/issues/?filter=allissues&;.
After that has been completed, it looks like we have some follow-up to do in
cqlsh to remove the references.
> Use "allow list" or "safe list" instead of the term "whitelist"
>
>
> Key: CASSANDRA-15862
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15862
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Ash Berlin-Taylor
>Priority: Normal
>
> Language matters. I'd like to remove all references in Apache Airflow to
> whitelist or black list, and the Cassandra Python API has some that we can't
> easily remove.
> The recent global events have made this even more relevant, but this has been
> on my radar for a while now. Here is a well written article for why I think
> it matters
> https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
> {quote}It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security.
> However, there's an issue with the terminology. It only makes sense if you
> equate white with 'good, permitted, safe' and black with 'bad, dangerous,
> forbidden'. There are some obvious problems with this. {quote}
> My exposure to is via the Python API where there is the
> cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be
> renamed to AllowListRoundRobinPolicy instead. I do not know if there are
> other references.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
