Re: [PR] [#7547] Validate JDBC [gravitino]

via GitHub Thu, 03 Jul 2025 02:02:44 -0700


yuqi1129 commented on code in PR #7548:
URL: https://github.com/apache/gravitino/pull/7548#discussion_r2182255572



##########
catalogs/catalog-jdbc-common/src/main/java/org/apache/gravitino/catalog/jdbc/utils/DataSourceUtils.java:
##########
@@ -37,6 +39,26 @@ public class DataSourceUtils {
   /** SQL statements for database connection pool testing. */
   private static final String POOL_TEST_QUERY = "SELECT 1";
 
+  private static final List<String> unsafeMySQLParameters =
+      Arrays.asList(
+          "maxAllowedPacket",
+          "autoDeserialize",
+          "queryInterceptors",
+          "statementInterceptors",
+          "detectCustomCollations",
+          "allowloadlocalinfile",
+          "allowUrlInLocalInfile",
+          "allowLoadLocalInfileInPath");

Review Comment:
   I believe you can assess the risk of each configuration item by using either 
LLM or search engines,  there should be a lot of document about it. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] [#7547] Validate JDBC [gravitino]

Reply via email to