mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-27 10:02:01 +00:00
Add a comment
This commit is contained in:
parent
0b4e643c27
commit
b3a06175e7
@ -86,6 +86,16 @@ private:
|
|||||||
struct TableFunctionProperties
|
struct TableFunctionProperties
|
||||||
{
|
{
|
||||||
Documentation documentation;
|
Documentation documentation;
|
||||||
|
|
||||||
|
/** It is determined by the possibility of modifying any data or making requests to arbitrary hostnames.
|
||||||
|
*
|
||||||
|
* If users can make a request to an arbitrary hostname, they can get the info from the internal network
|
||||||
|
* or manipulate internal APIs (say - put some data into Memcached, which is available only in the corporate network).
|
||||||
|
* This is named "SSRF attack".
|
||||||
|
* Or a user can use an open ClickHouse server to amplify DoS attacks.
|
||||||
|
*
|
||||||
|
* In those cases, the table function should not be allowed in readonly mode.
|
||||||
|
*/
|
||||||
bool allow_readonly = false;
|
bool allow_readonly = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user