[DERBY-3667] SQL roles: Make CURRENT_ROLE check that the role is still valid - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.5.1.1
Component/s: SQL
Labels:
None

Urgency:
Normal
Bug behavior facts:

Security

Description

When a role is the current role of a session, and that role is either
a) revoked from current user or dropped, the present implementation
does not actually reset the current role of value of the session which
has set it to current, but instead lazily relies on the next usage to
discover this fact by validating that the role usage is still
applicable. This check is missing from CURRENT_USER.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

derby-3667-1.diff
07/May/08 12:53
9 kB
Dag H. Wanvik
derby-3667-1.stat
07/May/08 12:53
0.4 kB
Dag H. Wanvik

Issue Links

is part of

DERBY-2207 Improve usability of Derby's client/server security by implementing ANSI Roles

Closed

Activity

People

Assignee:: Dag H. Wanvik

Reporter:: Dag H. Wanvik

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 07/May/08 11:55

Updated:: 30/Jun/09 00:14

Resolved:: 08/May/08 11:39