This is the beginning of a long and slippery slope to the end of the road. There is no way to actually achieve what the title says. You cannot identify in advance every threat that is going to come in the future. If you can't trust the people who are authorized to deploy code then your business is over. Just my humble opinion.
-- Mike Stolz Principal Engineer, GemFire Product Manager Mobile: 631-835-4771 On Fri, Jan 6, 2017 at 6:40 PM, Kirk Lund (JIRA) <j...@apache.org> wrote: > > [ https://issues.apache.org/jira/browse/GEODE-1960?page= > com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] > > Kirk Lund updated GEODE-1960: > ----------------------------- > Labels: ClassLoader DeployCommand deploy (was: DeployCommand deploy) > > > Provide protection against malicious developer jars deployed as functions > > ------------------------------------------------------------ > ------------- > > > > Key: GEODE-1960 > > URL: https://issues.apache.org/jira/browse/GEODE-1960 > > Project: Geode > > Issue Type: Improvement > > Components: functions, security > > Reporter: Diane Hardman > > Priority: Minor > > Labels: ClassLoader, DeployCommand, deploy > > > > Provide protection for functions that might contain malicious calls like > System.exit(). > > > > -- > This message was sent by Atlassian JIRA > (v6.3.4#6332) >
