Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-2409

Connecting to an already booted database with (re)encryption attributes gives no error or warning

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Duplicate
    • Affects Version/s: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0
    • Fix Version/s: None
    • Component/s: Store
    • Urgency:
      Normal
    • Issue & fix info:
      Repro attached

      Description

      If a database is shutdown and booted with (re)encryption,
      the (re)encryption boot will silently fail (i.e. no (re)encryption takes place), if another
      connection has booted the database in the meantime.

      Presumably, if the database was encrypted at creation time, only the dba will
      have the bootpassword and the above scenario is less likely.

      If it was created unencrypted, is is more of a hole, IMHO: Any other connection
      can then foil the encryption boot, even one which can not be authenticated,
      cf DERBY-2407. To further exacerbate this issue; when the database is shutdown
      and rebooted, using the boot password supplied (and the database was not encrypted),
      no error is given, since a boot password is not required. This can lull a dba
      into thinking the encryption took place!

      We may want to generate a warning or an error in these cases.

      This issue may affect upgrade boots as well?

        Attachments

        1. ij-repro.log
          0.8 kB
          Dag H. Wanvik

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                dagw Dag H. Wanvik
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: