You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "Swapnil Bawaskar (JIRA)" <ji...@apache.org> on 2018/02/01 22:52:41 UTC

[jira] [Closed] (GEODE-3923) Provide whitelist/blacklist capability for java serialization

     [ https://issues.apache.org/jira/browse/GEODE-3923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Swapnil Bawaskar closed GEODE-3923.
-----------------------------------

> Provide whitelist/blacklist capability for java serialization
> -------------------------------------------------------------
>
>                 Key: GEODE-3923
>                 URL: https://issues.apache.org/jira/browse/GEODE-3923
>             Project: Geode
>          Issue Type: New Feature
>          Components: docs
>            Reporter: Bruce Schuchardt
>            Assignee: Karen Smoler Miller
>            Priority: Major
>             Fix For: 1.4.0
>
>
> I would like to be able to restrict what classes of objects Geode will allow to be deserialized via Java's ObjectInputStream in clients and servers.  Something similar to the mechanism recently added to the JRE (http://openjdk.java.net/jeps/290) would be pretty cool.  Geode would have to whitelist its own stuff, of course, so I don't have to deal with it.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)