RussellSpitzer commented on issue #16491: URL: https://github.com/apache/iceberg/issues/16491#issuecomment-4503902550
Not a security issue. Requires a malicious catalog which already can do a lot of damage without this endpoint. The examples given of proprieties to block have legitimate use-cases for Catalog side config. One of which is actually explicitly written into the spec in the explanation of why we want to allow this. ``` For example, config may contain a specific FileIO implementation class for the table depending on its underlying storage ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
