Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Fix Version/s: 3.11.x
    • Component/s: None
    • Labels:
      None

      Description

      CASSANDRA-9402 introduced a sandbox using a thread-pool to enforce security constraints and to detect "amok UDFs" - i.e. UDFs that essentially never return (e.g. while (true).

      Currently the safest way to react on such an "amok UDF" is to fail-fast - to stop the C* daemon since stopping a thread (in Java) is just no solution.

      CASSANDRA-9890 introduced further protection by inspecting the byte-code. The same mechanism can also be used to manipulate the Java-UDF byte-code.

      By manipulating the byte-code I mean to add regular "is-amok-UDF" checks in the compiled code.

      EDIT: These "is-amok-UDF" checks would also work for UNFENCED Java-UDFs.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                snazy Robert Stupp
                Reporter:
                snazy Robert Stupp
                Reviewer:
                Tyler Hobbs
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: