Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-1056

Print a security warning to derby.log and network server console if network server is started with remote connections enabled and security manager, user authentication, and ecrypted userid are not on

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.1.2.1
    • Fix Version/s: None
    • Component/s: Network Server
    • Labels:
      None
    • Bug behavior facts:
      Security

      Description

      Information and questions from the user list seem to indicate that often users enable remote connections by starting network server with the -h 0.0.0.0 or -h <machinename> option without taking proper security measures. I think it would be worthwhile to print a security warning the console and derby.log if network server is starated without the proper security in place.

      Serious security issues exist when starting network server and allowing remote connections unless users:

      • Run in security manager with permissions restricted as much as possible.
      • Enable user authentication
      • Use encrypted userid/password (Currently only available with IBMJCE)
      • Maybe also print a warning if bootPassword is sent in the connectionAttributes, since this cannot be encrypted. (I had thought there was a jira issue for this but can't find it.)

      An example of such an attack might include creating databases until the host machine disk filled up, deleting all user data etc.

      Related issues:
      DERBY-65
      DERBY-474
      DERBY -528
      DERBY-962

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              kmarsden Kathey Marsden
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: