[GitHub] asdf2014 commented on issue #5006: No protections for select query
asdf2014 commented on issue #5006: No protections for select query URL: https://github.com/apache/incubator-druid/issues/5006#issuecomment-412314321 @RestfulBlue Good point. I agree with you. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org For additional commands, e-mail: commits-h...@druid.apache.org
[GitHub] asdf2014 commented on issue #5006: No protections for select query
asdf2014 commented on issue #5006: No protections for select query URL: https://github.com/apache/incubator-druid/issues/5006#issuecomment-412035950 Hi, @RestfulBlue . Indeed, we should analyze the query sql based on cost, then we can add some limitations for malicious query to protect druid cluster. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org For additional commands, e-mail: commits-h...@druid.apache.org
[GitHub] asdf2014 commented on issue #5006: No protections for select query
asdf2014 commented on issue #5006: No protections for select query URL: https://github.com/apache/incubator-druid/issues/5006#issuecomment-411335095 > some ui apps, like grafana/metabase/etc. if we let every analytic/data scientist in our company access to api , then entire druid cluster will crash really soon Hi, @RestfulBlue . Maybe you can try [Apache Superset](https://github.com/apache/superset), which supports permission control to prevent ordinary users from sending queries that consume a lot of server resources, in addition, Superset also can predefine some dashboards instead of directly exposing the query api. Tips: There is an [article](https://yuzhouwan.com/posts/743/) about superset on my personal blog that might help you. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org For additional commands, e-mail: commits-h...@druid.apache.org