You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Zoran Regvart (JIRA)" <ji...@apache.org> on 2017/10/20 08:27:00 UTC

[jira] [Created] (CAMEL-11928) Isolation for unmarshallers

Zoran Regvart created CAMEL-11928:
-------------------------------------

             Summary: Isolation for unmarshallers
                 Key: CAMEL-11928
                 URL: https://issues.apache.org/jira/browse/CAMEL-11928
             Project: Camel
          Issue Type: New Feature
          Components: camel-core
            Reporter: Zoran Regvart
            Assignee: Zoran Regvart


I propose that we try to experiment isolating points of interaction with externally specified data in the unmarshallers with the purpose of not allowing data passed in the marshaller to trigger code execution or similar security issue.
This could be a per Camel context property that we could add or a per route or unmarshaller setting that can be set. Along with this property another property white listing the allowed classes/packages to be loaded by the unmarshaller would be required.
I think this can be accomplished by loading and running the unmarshaller within a ClassLoader that consults this whitelist, but also whitelists classes and dependencies of the unmarshaller.
This is of course an experiment, and it could be well proven that such an implementation would be too complex or much to difficult to use. I would not like to duplicate any effort done by Java modules, OSGI or any other module system.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)