Details
Description
We should provide a restricted environment (sandbox) in which to run user-defined code securely. To get it done, we would use the java sandbox model.
The java sandbox model allows restricting access from user-defined code to the system resources or security-sensitive feature of java, for example, reflection.
The user-defined code contains:
- StreamReceiver for DataStreamer:
- EntryProcessor;
- ComputeJob;
- filter and transformer for ScanQuery.
The user-defined code will get permissions from GridSecuerityProcessor (security plugin).
Attachments
Issue Links
- blocks
-
IGNITE-12282 Access restriction to the internal package of Ignite
- Resolved
- relates to
-
IGNITE-12283 Getting proxied components of Ignite through the Ignition interface inside the sandbox
- Resolved
- requires
-
IGNITE-9560 Security Engine fixes and test coverage. Phase #1.
- Resolved
- links to