apache / hop

Hop Orchestration Platform
https://hop.apache.org/
Apache License 2.0

[Feature Request]: Add a filter to check code used by the janino transforms #4238

Closed hansva closed 3 weeks ago

hansva commented 3 weeks ago

What would you like to happen?

Add a "code scanner" to the janino transforms:

Sandboxing is no longer an option after Java 17 as the security manager is deprecated. However, we want to limit the code a user can execute using the UDJE and UDJC. A simple approach is to search for strings in the code and block execution if it contains that code. This way we can block, e.g., System. calls.

Issue Priority

Priority: 2

Issue Component

Component: Documentation, Component: Transforms
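
The string check described in the request, as an added example that is not Hop's own code: it removes whitespace before matching so that a spaced-out form such as "System . exit" is also caught, and it reports every denylist entry found. The class name, method names, denylist entries and sample snippets are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.List;

/** Added illustration; class and method names are hypothetical, not Hop's API. */
public class JaninoCodeScanner {

    private final List<String> denied = new ArrayList<>();

    public JaninoCodeScanner(List<String> deniedStrings) {
        for (String d : deniedStrings) {
            String n = stripWhitespace(d);
            if (!n.isEmpty()) denied.add(n); // an empty entry would match everything
        }
    }

    private static String stripWhitespace(String s) {
        return s.replaceAll("\\s+", "");
    }

    /** Returns every denylist entry found in the user code (empty list = allowed). */
    public List<String> scan(String userCode) {
        String normalized = stripWhitespace(userCode);
        List<String> hits = new ArrayList<>();
        for (String d : denied) {
            if (normalized.contains(d)) hits.add(d);
        }
        return hits;
    }

    /** Call this before the code is handed to the compiler; throws if blocked. */
    public void check(String userCode) {
        List<String> hits = scan(userCode);
        if (!hits.isEmpty()) {
            throw new SecurityException("Blocked: code contains " + hits);
        }
    }

    public static void main(String[] args) {
        // Constructed denylist: the issue itself names only "System." calls.
        JaninoCodeScanner scanner = new JaninoCodeScanner(List.of("System.", "Runtime."));
        // Constructed sample expressions.
        String[] samples = {"a + b * 2", "System.exit(0)", "System . getenv(\"HOME\")"};
        for (String s : samples) {
            List<String> hits = scanner.scan(s);
            System.out.println((hits.isEmpty() ? "ALLOW " : "BLOCK ") + s + " " + hits);
        }
    }
}
```

Substring matching fails closed: a denied string inside a comment or string literal is rejected too. It is a coarse filter on the source text, not a replacement for the isolation the security manager used to provide.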

hansva commented 3 weeks ago

.take-issue