Here's a tested policy file for the example in http://db.apache.org/derby/docs/dev/adminguide/tadminnetservrun.html .
(1) nsrv.policy file:

    //Recommended set of permissions to start and use the Network Server,
    //assuming the 'd:/derby/lib' directory has been secured.
    //Fine tune based on your environment settings
    grant codeBase "file:d:/derby/lib/-" {
      permission java.io.FilePermission "${derby.system.home}", "read";
      permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
      permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";
      permission java.util.PropertyPermission "derby.*", "read";
      permission java.util.PropertyPermission "user.dir", "read";
      permission java.lang.RuntimePermission "createClassLoader";
      permission java.net.SocketPermission "localhost", "accept";
    };

    //Required set of permissions to stop the Network Server, assuming you have
    // secured the 'd:/derby/lib' directory
    //Remember to fine tune this as per your environment.
    grant codeBase "file:d:/derby/lib/-" {
      //Following is required when server is started with "-h localhost"
      //or without the -h option
      permission java.net.SocketPermission "localhost", "accept, connect,resolve";
      permission java.net.SocketPermission "127.0.0.1", "accept, connect,resolve";
      //The following is only required if the server is started with the -h <host>
      //option (else shutdown access will be denied).
      permission java.net.SocketPermission "localhost:*", "accept, connect,resolve";
    };

(2) Start the network server using this policy file:

    java -Djava.security.manager -Djava.security.policy=d:/nsrv.policy org.apache.derby.drda.NetworkServerControl start

(3) Here's a simple example that shows how the policy restricts where users can create a new database.
The user can create a database in the default derby system home:

    ij> connect 'jdbc:derby://localhost:1527/MyDbTest;create=true';

The user is prevented from creating a database in another location:

    ij> connect 'jdbc:derby://localhost:1527//BadTst;create=true';
    ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: Failed to start database '/BadTst', see the next exception for details.::SQLSTATE: XJ001Java exception: 'access denied (java.io.FilePermission C:\BadTst\service.properties read): java.security.AccessControlException'.

Attached patch applies the requested change to the three Java 2 security policy file examples as requested. HTML files are included for review.
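The FilePermission grants in the nsrv.policy file above decide which of the two connect attempts succeeds. The following is an added example, not code from this issue or from the Derby project: it parses those grants and applies a simplified model of java.io.FilePermission path matching to the two service.properties paths. The values for derby.system.home and user.dir (d:\derby\home) are assumptions, as are all function names.

```python
import re
from pathlib import PureWindowsPath

# FilePermission entries copied from the nsrv.policy posted above.
POLICY = r'''
grant codeBase "file:d:/derby/lib/-" {
  permission java.io.FilePermission "${derby.system.home}", "read";
  permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
  permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";
  permission java.util.PropertyPermission "derby.*", "read";
};
'''
# Assumed property values (constructed; the page does not state them).
PROPS = {"derby.system.home": r"d:\derby\home", "user.dir": r"d:\derby\home", "/": "\\"}

PERM_RE = re.compile(
    r'permission\s+java\.io\.FilePermission\s+"([^"]+)"\s*,\s*"([^"]+)"\s*;')

def expand(text, props):
    """Substitute ${name} property references, including ${/}."""
    return re.sub(r"\$\{([^}]+)\}", lambda m: props[m.group(1)], text)

def file_grants(policy, props):
    """Return [(expanded target, {actions})] for every FilePermission entry."""
    return [(expand(target, props), {a.strip() for a in actions.split(",")})
            for target, actions in PERM_RE.findall(policy)]

def covers(target, path):
    """Simplified FilePermission path matching (Windows, case-insensitive)."""
    p = PureWindowsPath(path)
    if target.endswith(("\\-", "/-")):      # everything below the directory
        return PureWindowsPath(target[:-2]) in p.parents
    if target.endswith(("\\*", "/*")):      # direct children only
        return PureWindowsPath(target[:-2]) == p.parent
    return PureWindowsPath(target) == p     # exact path

def allowed(grants, path, action):
    return any(action in acts and covers(t, path) for t, acts in grants)

if __name__ == "__main__":
    grants = file_grants(POLICY, PROPS)
    for path in (r"d:\derby\home\MyDbTest\service.properties",
                 r"C:\BadTst\service.properties"):
        print(path, "read ->", "granted" if allowed(grants, path, "read") else "denied")
```

Note that the trailing "-" covers everything below the directory but not the directory entry itself, which is why the policy carries a separate read-only grant for ${derby.system.home}.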
Attached patch addresses changes to both the Server Gd. and to the Dev. Gd. HTML files are included for review.
Patch derby701-2.diff looks good -- and I actually ran the network server example to make sure it works. Committed to the trunk, revision 374798. Modified files:
    $ svn status
    M src/adminguide/tadminnetservrun.dita
    M src/devguide/rdevcsecure871406.dita
    M src/devguide/rdevcsecure871439.dita
    M src/devguide/rdevcsecure871422.dita

Reopen to merge fix to 10.1.3.
Fix merged from 10.2, committed revision 397015.