You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Zoran Regvart (JIRA)" <ji...@apache.org> on 2017/10/20 08:27:00 UTC
[jira] [Created] (CAMEL-11928) Isolation for unmarshallers
Zoran Regvart created CAMEL-11928:
-------------------------------------
Summary: Isolation for unmarshallers
Key: CAMEL-11928
URL: https://issues.apache.org/jira/browse/CAMEL-11928
Project: Camel
Issue Type: New Feature
Components: camel-core
Reporter: Zoran Regvart
Assignee: Zoran Regvart
I propose that we try to experiment isolating points of interaction with externally specified data in the unmarshallers with the purpose of not allowing data passed in the marshaller to trigger code execution or similar security issue.
This could be a per Camel context property that we could add or a per route or unmarshaller setting that can be set. Along with this property another property white listing the allowed classes/packages to be loaded by the unmarshaller would be required.
I think this can be accomplished by loading and running the unmarshaller within a ClassLoader that consults this whitelist, but also whitelists classes and dependencies of the unmarshaller.
This is of course an experiment, and it could be well proven that such an implementation would be too complex or much to difficult to use. I would not like to duplicate any effort done by Java modules, OSGI or any other module system.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)