[
https://issues.apache.org/jira/browse/CALCITE-1830?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Julian Hyde resolved CALCITE-1830.
----------------------------------
Resolution: Fixed
Fix Version/s: 1.13.0
Fixed in http://git-wip-us.apache.org/repos/asf/calcite/commit/d393cab2.
> ProcessBuilder is security sensitive; move it to test suite to prevent
> accidents
> ---------------------------------------------------------------------------------
>
> Key: CALCITE-1830
> URL: https://issues.apache.org/jira/browse/CALCITE-1830
> Project: Calcite
> Issue Type: Bug
> Reporter: Julian Hyde
> Assignee: Julian Hyde
> Fix For: 1.13.0
>
>
> The {{java.lang.ProcessBuilder}} class is security-sensitive because it
> creates operating system processes. It would be a security concern only if
> Calcite called it with user data, and that is not and never has been the case.
> It is currently only used by the test suite. This change moves use of the
> method into the test module, to prevent developers accidentally introducing
> security issues in future.
> Public method {{Util.runAppProcess}} is removed without notice; two methods
> named {{Util.newAppProcess}} and one named {{Util.runApplication}} were
> previously marked "deprecated, to be removed before 2.0" and are also removed.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
