[jira] [Updated] (NIFI-3662) Components which allow users to alter the classpath at runtime should be 'restricted'
[ https://issues.apache.org/jira/browse/NIFI-3662?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-3662: --- Labels: security (was: ) > Components which allow users to alter the classpath at runtime should be > 'restricted' > - > > Key: NIFI-3662 > URL: https://issues.apache.org/jira/browse/NIFI-3662 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework >Reporter: Joe Witt >Priority: Critical > Labels: security > Attachments: NIFI-6189Offloading a shut down node will never end > until a full reset.url > > > A lot of great work has gone into making it easy to run multiple versions of > the same component in parallel with isolated classloaders and to restructure > classloaders on the fly as needed to deal with certain libraries that do evil > things with statics and to enable users to add jars/code to the classpath of > their components at runtime as needed. For example, the HDFS processors can > now be extended to support protocols like WASB. > These things are all really valuable. > We also recently introduced the concept of restricted components to ensure > that special authorization is required for users to be able to use certain > processors which could easily be used to access portions of the system or > execute arbitrary code. > We should update the framework to detect components/extensions that allow > runtime classpath manipulation and automatically mark them as restricted > regardless of whether the developer did so. And we should update the > restricted components docs to articulate this. > By being able to alter the classpath at runtime this is just as justified as > the other reasons we had previously noted for marking a component > 'restricted'. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-3662) Components which allow users to alter the classpath at runtime should be 'restricted'
[ https://issues.apache.org/jira/browse/NIFI-3662?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Qiong Wei updated NIFI-3662: Attachment: NIFI-6189Offloading a shut down node will never end until a full reset.url > Components which allow users to alter the classpath at runtime should be > 'restricted' > - > > Key: NIFI-3662 > URL: https://issues.apache.org/jira/browse/NIFI-3662 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework >Reporter: Joseph Witt >Priority: Critical > Attachments: NIFI-6189Offloading a shut down node will never end > until a full reset.url > > > A lot of great work has gone into making it easy to run multiple versions of > the same component in parallel with isolated classloaders and to restructure > classloaders on the fly as needed to deal with certain libraries that do evil > things with statics and to enable users to add jars/code to the classpath of > their components at runtime as needed. For example, the HDFS processors can > now be extended to support protocols like WASB. > These things are all really valuable. > We also recently introduced the concept of restricted components to ensure > that special authorization is required for users to be able to use certain > processors which could easily be used to access portions of the system or > execute arbitrary code. > We should update the framework to detect components/extensions that allow > runtime classpath manipulation and automatically mark them as restricted > regardless of whether the developer did so. And we should update the > restricted components docs to articulate this. > By being able to alter the classpath at runtime this is just as justified as > the other reasons we had previously noted for marking a component > 'restricted'. -- This message was sent by Atlassian Jira (v8.3.4#803005)
