Derby
  1. Derby
  2. DERBY-2196

Run standalone network server with security manager by default

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10.3.1.4
    • Component/s: Network Server
    • Labels:
      None
    • Issue & fix info:
      Release Note Needed
    • Bug behavior facts:
      Security

      Description

      From an e-mail discussion:
      ... Derby should match the security provided by typical client server systems such as DB2, Oracle, etc. I
      think in this case system/database owners are trusting the database
      system to ensure that their system cannot be attacked. So maybe if Derby
      is booted as a standalone server with no security manager involved, it
      should install one with a default security policy. Thus allowing Derby
      to use Java security manager to manage system privileges but not
      requiring everyone to become familiar with them.

      http://mail-archives.apache.org/mod_mbox/db-derby-dev/200612.mbox/%3c4582FE67.7040308@apache.org%3e

      I imagine such a policy would allow any access to databases under derby.system.home and/or user.home.
      By standalone I mean the network server was started though the main() method (command line).

      1. secureServer.html
        25 kB
        Dag H. Wanvik
      2. secureServer.html
        24 kB
        Dag H. Wanvik
      3. secureServer.html
        23 kB
        Rick Hillegas
      4. secureServer.html
        23 kB
        Rick Hillegas
      5. releaseNote.html
        4 kB
        Rick Hillegas
      6. releaseNote.html
        4 kB
        Rick Hillegas
      7. releaseNote.html
        4 kB
        Rick Hillegas
      8. releaseNote.html
        4 kB
        Rick Hillegas
      9. secureServer.html
        23 kB
        Rick Hillegas
      10. secureServerReleaseNote.html
        5 kB
        Rick Hillegas
      11. secureServer.html
        23 kB
        Rick Hillegas
      12. secureServer.html
        21 kB
        Rick Hillegas
      13. derby-2196-10-renameOption-01.diff
        11 kB
        Rick Hillegas
      14. derby-2196-03-tests-01.diff
        23 kB
        Rick Hillegas
      15. derby-2196-02-install-01.diff
        25 kB
        Rick Hillegas
      16. derby-2196-01-print-03.diff
        4 kB
        Rick Hillegas
      17. secureServer.html
        21 kB
        Rick Hillegas
      18. derby-2196-01-print-02.diff
        8 kB
        Rick Hillegas
      19. derby-2196-01-print-01.diff
        8 kB
        Rick Hillegas
      20. secureServer.html
        18 kB
        Rick Hillegas
      21. secureServer.html
        17 kB
        Rick Hillegas
      22. secureServer.html
        15 kB
        Rick Hillegas
      23. secureServer.html
        14 kB
        Rick Hillegas
      24. secureServer.html
        13 kB
        Rick Hillegas

        Issue Links

          Activity

            People

            • Assignee:
              Rick Hillegas
              Reporter:
              Daniel John Debrunner
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development