I'm ok if it does not break the idea to restrict execution for the signed code only.
On Wed, Apr 4, 2018 at 1:05 PM, Ilya Kasnacheev <ilya.kasnach...@gmail.com> wrote: > Hello! > > > checksum of uploaded java code > > I argue not for Java code but for javascript/nashorn. Ruby or PHP guys > won't be happy about writing java, but they can easily do JS. > > (If we wanted Java, we could make it service grid-oriented. Which is an > interesting idea btw. We can frame local computations as service methods, > let thin clients invoke them. No code sending necessary in this case.) > > Otherwise your suggestions look reasonable. The only thing I'll add, let's > make it a configuration field and not IGNITE_ define for usability. > > Regards, > > -- > Ilya Kasnacheev > > 2018-04-04 12:55 GMT+03:00 Sergey Kozlov <skoz...@gridgain.com>: > > > Hi > > > > We can introduce the rules to use compute tasks execution: > > 1. Disable by default that feature (enabling will require change a > > configuration property and restart cluster) > > 2. Disable by default code sending in the cluster (enabling will > require > > change a configuration property and restart cluster) > > 3. White list of allowed compute tasks: we can collect sha256 checksums > > for codes and allow to execute a task only if checksum of uploaded java > > code is listed in the white list. > > > > On Wed, Apr 4, 2018 at 11:26 AM, Dmitriy Setrakyan < > dsetrak...@apache.org> > > wrote: > > > > > On Tue, Apr 3, 2018 at 5:48 PM, Valentin Kulichenko < > > > valentin.kuliche...@gmail.com> wrote: > > > > > > > Dmitry, > > > > > > > > I just think that it's natural to have this functionality and that it > > > would > > > > drastically increase flexibility of thin client. Multiple requests > from > > > > users (one of them in this thread) seem to confirm this. At the same > > > time, > > > > I don't see much technical challenge here (like with near caches or > > > > continuous queries for example), and therefore don't see why we > should > > be > > > > against this features. > > > > > > > > Can you please elaborate on security risks? What exactly do you have > in > > > > mind? > > > > > > > > > > Val, my main concern was that users would use the thin client to > connect > > to > > > a remote cluster, hosted elsewhere, and could run some malicious code. > > But > > > you are right, it can probably be solved by other means, like a > firewall > > > for example. No objections on adding the compute API to thin clients > from > > > me. > > > > > > > > > > > -- > > Sergey Kozlov > > GridGain Systems > > www.gridgain.com > > > -- Sergey Kozlov GridGain Systems www.gridgain.com
