> Obviously lambdas wouldn't work but that might be fine for many applications.

I would make a bet that lambdas are used in most production systems. When I work with customers, I usually try to rewrite queries and prevent the use of lambdas, but often there's simply no way to do the same thing without lambdas without taking a performance hit. So if you're going to make it an option in Gremlin Server, cool, but we shouldn't disallow lambdas altogether. That's probably what you meant, but I thought it might be good to emphasize it.

Cheers,
Daniel

On Tue, Sep 19, 2017 at 11:05 AM, Stephen Mallette <[email protected]> wrote:

> I just updated the reference docs for Gremlin Server to include some more wording on security. I just wanted to make it more clear that Gremlin Server executes arbitrary code. I like to think people get that and understand the implications of what that means from a security perspective, but..........
>
> I didn't add much more on "how to secure Gremlin Server" because I think what we allow for is pretty much well documented:
>
> 1. Authentication
> 2. Encryption
> 3. Script Execution Management
>
> I feel like there might be a fourth category that involves discussing how to physically protect Gremlin Server with firewall/network stuff, but I'm probably not the best person to write that (or it's simply out of scope for our reference docs). If someone else has experience with that sort of thing and wants to provide advice, a pull request in that area would be nice.
>
> I also wonder if we shouldn't allow Gremlin Server to be run without the script execution enabled. In other words, just allow the TraversalOpProcessor to execute incoming requests - make it work in a GLV-only mode basically. Obviously lambdas wouldn't work but that might be fine for many applications.
>
> Any thoughts?
