Francesco Chicchiriccò created SYNCOPE-1907:
-----------------------------------------------

             Summary: Run Groovy code in a sandbox
                 Key: SYNCOPE-1907
                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1907
             Project: Syncope
          Issue Type: Improvement
          Components: core
            Reporter: Francesco Chicchiriccò
            Assignee: Francesco Chicchiriccò
             Fix For: 3.0.14, 4.0.2, 4.1.0


With reference to Implementations of Syncope interfaces in the context of a 
given deployment:

* Java Implementations are normally managed along with the rest of the code, 
thus are supposed to go through a review process before getting effectively 
deployed
* Groovy Implementations are immediately loaded and potentially run by a 
delegated administrator, thus effectively skipping any superior review before 
being effective

The effects of the latter could be controlled by requiring the Groovy code to 
run in a sandbox: see 
[this post|https://levelup.gitconnected.com/secure-groovy-script-execution-in-a-sandbox-ea39f80ee87]
and [this library|https://github.com/Tirasa/groovy-security-sandbox].



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
