Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Fix Version/s: 4.x
    • Component/s: Core
    • Labels:

      Description

      From discussion on CASSANDRA-9402,

      The approach postgresql takes is to distinguish between "trusted" (sandboxed) and "untrusted" (anything goes) UDF languages.

      Creating an untrusted language always requires superuser mode. Once that is done, creating functions in it requires nothing special.

      Personally I would be fine with this approach, but I think it would be more useful to have the extra permission on creating the function, and also wouldn't require adding explicit CREATE LANGUAGE.

      So I'd suggest just providing different CQL permissions for trusted and untrusted, i.e. if you have CREATE FUNCTION permission that allows you to create sandboxed UDF, but you can only create unsandboxed if you have CREATE UNTRUSTED.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                snazy Robert Stupp
                Reporter:
                jbellis Jonathan Ellis
              • Votes:
                1 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated: