arrdalan commented on PR #4048: URL: https://github.com/apache/texera/pull/4048#issuecomment-3555298288
Two suggestions: First, it is not clear whether REGULAR users are trusted or not. The document says that "Note: REGULAR users can execute arbitrary code within workflows, so this role should only be granted to trusted individuals." The document also says that "[REGULAR users cannot] Access other users' private resources without granted permissions ...", which implies they are not trusted. My suggestion is clarify this and assume that REGULAR users are fully untrusted. Even if they are allowed to execute arbitrary code, their code should be properly sandboxed with that threat model in mind. Second, the document says that "User Code Execution" and "Third-Party Dependencies" are not security issues. The former is a feature, and not a vulnerability. Yet, if it can be used to exploit a vulnerability in Texera, that should be considered a security issue. The latter should be a security issue as well as vulnerabilities in third-party dependencies could be exploitable. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
