Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tighten up script security more #10999

Closed
wants to merge 3 commits into from

Conversation

Projects
None yet
2 participants
@rmuir
Copy link
Contributor

rmuir commented May 6, 2015

  • make the special codebase /_untrusted instead of /groovy/script,
    so that e.g. scripting plugins can use this if they want.
  • give _untrusted its own section in policy file, we do this by
    giving it a separate file (as to not have to muck around with
    codebase URLs and break plugins and stuff).
  • protect ES and lucene packages and only grant the ones we need
    to scripts. (yes its 6 and too many, but better than 500)
  • other minor cleanups
Tighten up script security more:
* make the special codebase /_untrusted instead of /groovy/script,
  so that e.g. scripting plugins can use this if they want.
* give _untrusted its own section in policy file, we do this by
  giving it a separate file (as to not have to muck around with
  codebase URLs and break plugins and stuff).
* protect ES and lucene packages and only grant the ones we need
  to scripts. (yes its 6 and too many, but better than 500)
* other minor cleanups

@rmuir rmuir added the v2.0.0-beta1 label May 6, 2015

rmuir added some commits May 7, 2015

@rmuir

This comment has been minimized.

Copy link
Contributor Author

rmuir commented May 8, 2015

Wont fix. Problem is these scripting apis in es need some maturity before i can lock them down. They need to be simpler with more encapsulation, and non scripting code should not be using them. Otherwise the security would be equally complicated, and i dont want that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.