cgivre commented on PR #2713: URL: https://github.com/apache/drill/pull/2713#issuecomment-1339798220
> @cgivre > > > I guess my first question is whose permissions will these commands run under? > > Another thing to think about is making sure that users can't arbitrarily add this code somehow to a query. > > They'll run under the Drill process user. That user doesn't need much access to the OS but it generally will have lots of access, possibly including write, to data storage. My biggest concerns would be that a user could execute malicious commands and escalate privileges or access things that they don't have access to. However, in order to enable/disable plugins, the user has to be an admin anyway, so I think it will be ok. I'd say we should be ok as long as we provide a boot level option to disable it. > > > Another thing to think about is making sure that users can't arbitrarily add this code somehow to a query. > > Can't table functions set format config options but not storage config options? You are correct. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@drill.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
