[
https://issues.apache.org/jira/browse/IGNITE-12283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Denis Garus updated IGNITE-12283:
-
Description:
IgniteKernal allows a user-defined code to get access to the internal features
of Ignite. That behavior leads to security lack.
We must encapsulate _IgniteKernal_ to restrict access to it from user-defined
code.
Additionally, a proxied instance of Ignite allows users to use public API of
Ignite. Otherwise, using public API inside the sandbox without proxying can be
the reason for access control errors.
was:
IgniteKernal allows a user-defined code to get access to the internal features
of Ignite. That behavior leads to security lack.
We must encapsulate _IgniteKernal_ to restrict access to it from user-defined
code.
> Access restriction to IgniteKernal
> --
>
> Key: IGNITE-12283
> URL: https://issues.apache.org/jira/browse/IGNITE-12283
> Project: Ignite
> Issue Type: Task
>Reporter: Denis Garus
>Assignee: Denis Garus
>Priority: Major
> Labels: iep-38
> Time Spent: 10m
> Remaining Estimate: 0h
>
> IgniteKernal allows a user-defined code to get access to the internal
> features of Ignite. That behavior leads to security lack.
> We must encapsulate _IgniteKernal_ to restrict access to it from
> user-defined code.
> Additionally, a proxied instance of Ignite allows users to use public API of
> Ignite. Otherwise, using public API inside the sandbox without proxying can
> be the reason for access control errors.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
