You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Should there be an API to allow clients to upload ex. jboss-client.jar to Cryostat's storage in a place that is added to the Cryostat classpath, so that end users can extend their Cryostat deployment to support other protocols than rmi?
The text was updated successfully, but these errors were encountered:
I feel like this could be risky from a security perspective. This may be better suited for the operator, or have the user manually edit the Cryostat deployment. For example, the authenticated Cryostat user may have permission to read objects in the namespace, but not to modify the Cryostat deployment. So there could be some potential for privilege escalation there.
Since #599 , maybe we can support this now. Maybe in conjunction with #662 , although that means it may miss 2.0.0. Still, it seems like we should be able to create this upload handler which allows adding libraries but only if the user has an UPDATE_CRYOSTAT permission, which we can map to patch cryostats or similar.
#482 (comment)
Should there be an API to allow clients to upload ex.
jboss-client.jar
to Cryostat's storage in a place that is added to the Cryostat classpath, so that end users can extend their Cryostat deployment to support other protocols thanrmi
?The text was updated successfully, but these errors were encountered: