Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-2196

Run standalone network server with security manager by default

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10.3.1.4
    • Component/s: Network Server
    • Labels:
      None
    • Issue & fix info:
      Release Note Needed
    • Bug behavior facts:
      Security

      Description

      From an e-mail discussion:
      ... Derby should match the security provided by typical client server systems such as DB2, Oracle, etc. I
      think in this case system/database owners are trusting the database
      system to ensure that their system cannot be attacked. So maybe if Derby
      is booted as a standalone server with no security manager involved, it
      should install one with a default security policy. Thus allowing Derby
      to use Java security manager to manage system privileges but not
      requiring everyone to become familiar with them.

      http://mail-archives.apache.org/mod_mbox/db-derby-dev/200612.mbox/%3c4582FE67.7040308@apache.org%3e

      I imagine such a policy would allow any access to databases under derby.system.home and/or user.home.
      By standalone I mean the network server was started though the main() method (command line).

        Attachments

        1. secureServerReleaseNote.html
          5 kB
          Richard N. Hillegas
        2. secureServer.html
          13 kB
          Richard N. Hillegas
        3. secureServer.html
          14 kB
          Richard N. Hillegas
        4. secureServer.html
          15 kB
          Richard N. Hillegas
        5. secureServer.html
          17 kB
          Richard N. Hillegas
        6. secureServer.html
          18 kB
          Richard N. Hillegas
        7. secureServer.html
          21 kB
          Richard N. Hillegas
        8. secureServer.html
          21 kB
          Richard N. Hillegas
        9. secureServer.html
          23 kB
          Richard N. Hillegas
        10. secureServer.html
          23 kB
          Richard N. Hillegas
        11. secureServer.html
          23 kB
          Richard N. Hillegas
        12. secureServer.html
          23 kB
          Richard N. Hillegas
        13. secureServer.html
          24 kB
          Dag H. Wanvik
        14. secureServer.html
          25 kB
          Dag H. Wanvik
        15. releaseNote.html
          4 kB
          Richard N. Hillegas
        16. releaseNote.html
          4 kB
          Richard N. Hillegas
        17. releaseNote.html
          4 kB
          Richard N. Hillegas
        18. releaseNote.html
          4 kB
          Richard N. Hillegas
        19. derby-2196-10-renameOption-01.diff
          11 kB
          Richard N. Hillegas
        20. derby-2196-03-tests-01.diff
          23 kB
          Richard N. Hillegas
        21. derby-2196-02-install-01.diff
          25 kB
          Richard N. Hillegas
        22. derby-2196-01-print-03.diff
          4 kB
          Richard N. Hillegas
        23. derby-2196-01-print-02.diff
          8 kB
          Richard N. Hillegas
        24. derby-2196-01-print-01.diff
          8 kB
          Richard N. Hillegas

          Issue Links

            Activity

              People

              • Assignee:
                rhillegas Richard N. Hillegas
                Reporter:
                djd Daniel John Debrunner
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: