You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Denis Garus (Jira)" <ji...@apache.org> on 2020/04/24 13:27:00 UTC

[jira] [Updated] (IGNITE-12283) Access restriction to IgniteKernal

     [ https://issues.apache.org/jira/browse/IGNITE-12283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Denis Garus updated IGNITE-12283:
---------------------------------
    Description: 
IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
 We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.

Additionally, a proxied instance of Ignite allows users to use public API of Ignite. Otherwise, using public API inside the sandbox without proxying can be the reason for access control errors.

  was:
IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.


> Access restriction to IgniteKernal
> ----------------------------------
>
>                 Key: IGNITE-12283
>                 URL: https://issues.apache.org/jira/browse/IGNITE-12283
>             Project: Ignite
>          Issue Type: Task
>            Reporter: Denis Garus
>            Assignee: Denis Garus
>            Priority: Major
>              Labels: iep-38
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
>  We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.
> Additionally, a proxied instance of Ignite allows users to use public API of Ignite. Otherwise, using public API inside the sandbox without proxying can be the reason for access control errors.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)