You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ignite.apache.org by "Denis Garus (Jira)" <ji...@apache.org> on 2020/04/24 13:27:00 UTC
[jira] [Updated] (IGNITE-12283) Access restriction to IgniteKernal
[ https://issues.apache.org/jira/browse/IGNITE-12283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Denis Garus updated IGNITE-12283:
---------------------------------
Description:
IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.
Additionally, a proxied instance of Ignite allows users to use public API of Ignite. Otherwise, using public API inside the sandbox without proxying can be the reason for access control errors.
was:
IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.
> Access restriction to IgniteKernal
> ----------------------------------
>
> Key: IGNITE-12283
> URL: https://issues.apache.org/jira/browse/IGNITE-12283
> Project: Ignite
> Issue Type: Task
> Reporter: Denis Garus
> Assignee: Denis Garus
> Priority: Major
> Labels: iep-38
> Time Spent: 10m
> Remaining Estimate: 0h
>
> IgniteKernal allows a user-defined code to get access to the internal features of Ignite. That behavior leads to security lack.
> We must encapsulate _IgniteKernal_ to restrict access to it from user-defined code.
> Additionally, a proxied instance of Ignite allows users to use public API of Ignite. Otherwise, using public API inside the sandbox without proxying can be the reason for access control errors.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)