Hi Benjamin, Hi everybody, I found in the documentation that we should add "allow_insecure_udfs: true" and optionally "allow_extra_insecure_udfs: true" so that "enable_user_defined_functions_threads: false" is really taken into account (I understood like that). That would explain why my UDF still does not run even with "enable_user_defined_functions_threads: false". Found in https://github.com/apache/cassandra/blob/cassandra-4.0/NEWS.txt
So I tried to add "allow_insecure_udfs: true" and "allow_extra_insecure_udfs: true" in cassandra.yaml, but then Cassandra failed to restart and I got that error in logs "Exception (org.apache.cassandra.exceptions.ConfigurationException) encountered during startup: Invalid yaml. Please remove properties [allow_insecure_udfs, allow_extra_insecure_udfs] from your cassandra.yaml". Should I understand that we can activate that 2 extra confs only by changing source code? That would be really disappointing :( And if no, then how to activate all UDF possibilities from cassandra.yaml please? Thanks in advance, Sébastien. Le mar. 5 avr. 2022 à 10:36, Benjamin Lerer <ble...@apache.org> a écrit : > Unfortunately, I do not have much time for doing some digging. Sorry for > that :-( > You should look at JavaBasedUDFunction and UDFExecutorServic. > > Le lun. 4 avr. 2022 à 17:25, Sébastien Rebecchi <srebec...@kameleoon.com> > a écrit : > >> Hi! >> Do you have any more ideas for me? >> Cordially, >> Sébastien. >> >> Le lun. 28 mars 2022 à 16:39, Sébastien Rebecchi <srebec...@kameleoon.com> >> a écrit : >> >>> Unfortunately, it is not working even with >>> "enable_user_defined_functions_threads: false" in cassandra.yaml :/ >>> Is there any way to check the running configuration? >>> >>> Le lun. 28 mars 2022 à 15:35, Benjamin Lerer <ble...@apache.org> a >>> écrit : >>> >>>> I do not think that allowing to customize UDF classes whitelist has >>>> been discussed before. Feel free to open a JIRA ticket :-) >>>> I have some plans to revisit how we securise UDFs as the current >>>> threading approach has some impact in terms of latency. That can be a good >>>> opportunity to look into providing more flexibility. >>>> >>>> Le lun. 28 mars 2022 à 15:00, Sébastien Rebecchi < >>>> srebec...@kameleoon.com> a écrit : >>>> >>>>> Thanks you very much! I will try that. >>>>> As you know, would it be a long-terms solution? Or is there any plan >>>>> to add the possibility to customize UDF classes whitelist? >>>>> >>>>> Le lun. 28 mars 2022 à 14:31, Benjamin Lerer <ble...@apache.org> a >>>>> écrit : >>>>> >>>>>> Is there a way to customize that default behaviour? >>>>>> >>>>>> >>>>>> Looking at JavaBasedUDFunction quickly it seems that the ClassLoader >>>>>> is only used when you use the UDFExecutorService to execute your >>>>>> UDFs. You can try to disable it using >>>>>> "enable_user_defined_functions_threads: false" and see if it works. >>>>>> Now that also means that you have to ensure that only trusted persons >>>>>> can create UDF or UDA as it removes all safety mechanisms. >>>>>> >>>>>> Le lun. 28 mars 2022 à 13:23, Sébastien Rebecchi < >>>>>> srebec...@kameleoon.com> a écrit : >>>>>> >>>>>>> Hi Benjamin, >>>>>>> >>>>>>> Thanks for the answer. >>>>>>> Is there a way to customize that default behaviour? If no, could you >>>>>>> indicate where to find this class loader in the github of Cassandra >>>>>>> please? >>>>>>> >>>>>>> Le lun. 28 mars 2022 à 12:40, Benjamin Lerer <ble...@apache.org> a >>>>>>> écrit : >>>>>>> >>>>>>>> Hi Sébastien, >>>>>>>> >>>>>>>> Cassandra uses a special classloader for UDFs that limit which >>>>>>>> classes can be used. >>>>>>>> You cannot rely on non-JDK classes for UDFs and some of the JDK >>>>>>>> packages like the IO package for example cannot be used. >>>>>>>> The goal is simply to ensure that UDFs cannot compromise the server >>>>>>>> security. >>>>>>>> >>>>>>>> Le lun. 28 mars 2022 à 11:31, Sébastien Rebecchi < >>>>>>>> srebec...@kameleoon.com> a écrit : >>>>>>>> >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> I am trying to create a UDF based on custom methods. >>>>>>>>> So I set enable_user_defined_functions to true and added a jar in >>>>>>>>> "/usr/share/cassandra/lib/" folder on every node, restarted the nodes >>>>>>>>> and I >>>>>>>>> can see from the command line that the jar is indeed used (in the >>>>>>>>> classpath >>>>>>>>> with -cp). >>>>>>>>> >>>>>>>>> But when i create the UDF I got that error: >>>>>>>>> >>>>>>>>> CREATE OR REPLACE FUNCTION blobToJson (input blob) RETURNS NULL ON >>>>>>>>> NULL INPUT RETURNS text LANGUAGE java AS 'return >>>>>>>>> com.kameleoon.visit.Visit.writeToJson(com.kameleoon.visit.Visit.readFromByteBuffer(input));'; >>>>>>>>> InvalidRequest: Error from server: code=2200 [Invalid query] >>>>>>>>> message="Java source compilation failed: >>>>>>>>> Line 1: com.kameleoon.visit.Visit cannot be resolved to a type >>>>>>>>> Line 1: com.kameleoon.visit.Visit cannot be resolved to a type >>>>>>>>> >>>>>>>>> Of course the class com.kameleoon.visit.Visit does exist in the >>>>>>>>> jar and the jar has read rights to every user (chmod 444). So I can >>>>>>>>> not >>>>>>>>> find the reason. >>>>>>>>> >>>>>>>>> versions are: [cqlsh 6.0.0 | Cassandra 4.0.1 | CQL spec 3.4.5 | >>>>>>>>> Native protocol v5] >>>>>>>>> >>>>>>>>> Any help would be appreciated! >>>>>>>>> >>>>>>>>> Thanks! >>>>>>>>> >>>>>>>>> Sébastien. >>>>>>>>> >>>>>>>>
