Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply the ExtensionSecurityManager to UDAFs #8662

Closed
jnh5y opened this issue Jan 26, 2022 · 2 comments
Closed

Apply the ExtensionSecurityManager to UDAFs #8662

jnh5y opened this issue Jan 26, 2022 · 2 comments
Assignees
@jnh5y
Labels
enhancement P0 Denotes must-have for a given milestone security streaming-engine Tickets owned by the ksqlDB Streaming Team user-defined-functions Tickets about UDF, UDAF, UDTF

Comments

@jnh5y
Copy link
Member

jnh5y commented Jan 26, 2022

Is your feature request related to a problem? Please describe.
UDFs use the ExtensionSecurityManager to prevent certain calls (such as System.exit() or loading C libraries) from being made.

Describe the solution you'd like
The ExtensionSecurityManager should applied to UDAF loading and execution.

Describe alternatives you've considered
I do not see any obvious alternatives.
@agavra agavra added the streaming-engine Tickets owned by the ksqlDB Streaming Team label Jan 28, 2022
@suhas-satish suhas-satish added P0 Denotes must-have for a given milestone security and removed needs-triage labels Feb 1, 2022
@jnh5y jnh5y added the user-defined-functions Tickets about UDF, UDAF, UDTF label Feb 3, 2022
@jnh5y
Copy link
Member Author

jnh5y commented Feb 3, 2022

This also should cover applying security to all functions which are called due to a UDF/UDAF/UDTF. E.g., schemaProvider annotations, configure, etc.

@jnh5y jnh5y mentioned this issue Feb 8, 2022
Closed
2 tasks
jnh5y added a commit that referenced this issue Mar 15, 2022
@jnh5y
feat: Apply the ExtensionSecurityManager to UDAFs
4437a44 
Addresses #8662
jnh5y added a commit that referenced this issue Mar 15, 2022
@jnh5y
fix: Apply the ExtensionSecurityManager to UDAFs
882b6a0 
Addresses #8662
@jnh5y jnh5y mentioned this issue Mar 15, 2022
Merged
2 tasks
jnh5y added a commit that referenced this issue Mar 24, 2022
@jnh5y
fix: Apply the ExtensionSecurityManager to UDAFs (#8776)
a37688c 
* fix: Apply the ExtensionSecurityManager to UDAFs

Addresses #8662
@jnh5y
Copy link
Member Author

jnh5y commented Mar 28, 2022

The PR #8776 handles this issue.

@jnh5y jnh5y closed this as completed Mar 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jnh5y jnh5y

Labels
enhancement P0 Denotes must-have for a given milestone security streaming-engine Tickets owned by the ksqlDB Streaming Team user-defined-functions Tickets about UDF, UDAF, UDTF
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jnh5y @agavra @suhas-satish