[Feature Request]: Add a filter to check code used by the janino transforms #4238

Closed
hansva opened this issue Aug 23, 2024 · 1 comment

hansva commented Aug 23, 2024

What would you like to happen?

Add a "code scanner" to the janino transforms:

  • Allow Admins/Users to define a list of strings that are not allowed to be executed

Sandboxing is no longer an option after Java 17 as the security manager is deprecated. However, we want to limit the code a user can execute using the UDJE and UDJC. A simple approach is to search for strings in the code and block execution if it contains that code. This way we can block e.g. System. calls.

Issue Priority

Priority: 2

Issue Component

Component: Documentation, Component: Transforms
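
The string check requested above, sketched as an added example; it is not code from this issue or from the project's commit. The class name `CodeDenyListScanner`, its methods and the sample deny list are assumptions. It goes one step beyond a plain substring search by decoding `\uXXXX` escapes and dropping whitespace before matching, because the Java compiler accepts both forms of a deny-listed call.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Hypothetical deny-list scanner for user-supplied Java snippets (not the project's code). */
public class CodeDenyListScanner {
    // A backslash, one or more 'u', four hex digits: the escape form javac decodes before lexing.
    private static final Pattern UNICODE_ESCAPE = Pattern.compile("\\\\u+([0-9a-fA-F]{4})");

    private final List<String> denied = new ArrayList<>();

    public CodeDenyListScanner(List<String> deniedStrings) {
        for (String s : deniedStrings) {
            String n = normalize(s);
            if (!n.isEmpty()) denied.add(n); // an empty entry would match every snippet
        }
    }

    /** Decode unicode escapes and drop whitespace so spacing or escapes cannot hide a match. */
    static String normalize(String source) {
        String decoded = UNICODE_ESCAPE.matcher(source).replaceAll(r ->
            Matcher.quoteReplacement(String.valueOf((char) Integer.parseInt(r.group(1), 16))));
        return decoded.replaceAll("\\s+", "");
    }

    /** Returns the deny-list entries found in the snippet; an empty list means nothing matched. */
    public List<String> findBlocked(String source) {
        String normalized = normalize(source);
        List<String> hits = new ArrayList<>();
        for (String entry : denied) {
            if (normalized.contains(entry)) hits.add(entry);
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed deny list and snippets, for illustration only.
        CodeDenyListScanner scanner = new CodeDenyListScanner(List.of("System.", "Runtime.getRuntime"));
        String[] snippets = {
            "return a + b;",
            "System.exit(1);",
            "System . exit(1);",
            "\\u0053ystem.exit(1);"
        };
        for (String s : snippets) {
            System.out.println(s + " -> " + scanner.findBlocked(s));
        }
    }
}
```

The match is deliberately conservative: it also flags a deny-listed string that appears only inside a string literal or a comment, so the caller should report which entry matched rather than fail silently.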


hansva commented Aug 23, 2024

.take-issue

@github-actions github-actions bot added this to the 2.10 milestone Aug 23, 2024
@hansva hansva closed this as completed in 453d577 Aug 23, 2024
hansva added a commit that referenced this issue Aug 23, 2024
Add option to block execution of specific code. fixes #4238
hansva added a commit that referenced this issue Aug 28, 2024
Add option to block execution of specific code. fixes #4238