From 15efb83adac70d165625dd663bc150cd2b5bbebc Mon Sep 17 00:00:00 2001 From: Ryan Skraba Date: Fri, 6 Mar 2026 19:41:09 +0100 Subject: [PATCH] AVRO-4236: [doc] Update security model for Avro IPC Emphasize the importance of not exposing the Avro IPC mechanism on public networks. --- doc/content/en/project/Security/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/content/en/project/Security/_index.md b/doc/content/en/project/Security/_index.md index 5346d414f22..4b3401ef101 100755 --- a/doc/content/en/project/Security/_index.md +++ b/doc/content/en/project/Security/_index.md @@ -38,7 +38,8 @@ Security Model The Avro library implementations are designed to read and write any data conforming to a schema. Transport is outside the scope of the Avro library: applications using Avro should be surrounded by security measures that prevent attackers from writing -random data and otherwise interfering with the consumers of schemas. +random data and otherwise interfering with the consumers of schemas. In addition, +the Avro IPC mechanism should not be exposed on a public network to untrusted actors. Although the Avro library will not read or write data except as directed to by invoking it, avoiding leaking data into a side channel like log files is a non-goal @@ -55,7 +56,6 @@ additional validation is strongly advised. Such validation can use the parsed sc as schema parsing itself is safe: the parser allows SPIs, but is not otherwise configurable. - Summary -------
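Review bot: In the Security Model hunk (@@ -38,7 +38,8 @@), the added sentence "the Avro IPC mechanism should not be exposed on a public network to untrusted actors" ties the restriction to both "public network" and "untrusted actors", so it is unclear whether an internal network that carries untrusted clients is covered. Consider wording it around the actor rather than the network, for example "the Avro IPC mechanism should not be exposed to untrusted actors, for example on a public network", and adding a short clause that links it to the preceding statement that transport is outside the scope of the Avro library, so readers see why the restriction follows.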
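Review bot: In the second hunk (@@ -55,7 +56,6 @@), the blank line removed before the "Summary" heading is a whitespace change unrelated to the commit subject, which only mentions the Avro IPC wording. Either drop it from this patch or mention it in the commit message. Please also confirm that a blank line still separates "configurable." from the "Summary" / "-------" setext heading after the removal, since without one a Markdown renderer can fold the preceding paragraph text into the heading.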