Uploaded image for project: 'Apache Avro'
  1. Apache Avro
  2. AVRO-3985

Restrict trusted packages in ReflectData and SpecificData

    XMLWordPrintableJSON

Details

    Description

      Right now, there's no check in allowed packages in ReflectData and SpecificData.

      That could be problematic for marshalling/unmarshalling, as the as malicious payload can exploit the host system.

      I propose to introduce a org.apache.avro.TRUSTED_PACKAGES system property:

      -Dorg.apache.avro.TRUSTED_PACKAGES=my.package,my.other.package,...

      In case we want to shortcut the mechanism, we would be able to allow all packages to be trusted using * wildcard:

      -Dorg.apache.avro.TRUSTED_PACKAGES=*

      By default, I would recommend to have limited trusted packages: java.lang,javax.security,java.util,org.apache.avro.

      Attachments

        Activity

          People

            Unassigned Unassigned
            jbonofre Jean-Baptiste Onofré
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2.5h
                2.5h