Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-2556

Code paths for db restore do not use doPrivileged-calls, causing SecurityException

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.2.2.0, 10.3.1.4
    • 10.3.1.4
    • Services
    • None
    • Derby running with a security manager.

    Description

      When using 'createFrom' or 'restoreFrom' in the JDBC url to restore a database from a backup image, a SecurityException is thrown even though the policyfile for codebase derby.jar is correctly configured (giving Derby access to the backup image).

      A few comments on this issue can be found here (and in subsequent comments): https://issues.apache.org/jira/browse/DERBY-1001#action_12439811

      A workaround is wrapping the connection call in doPrivileged at the "application-level code", or granting the required permissions to the application codebase as well.

      Attachments

        1. derby-2556-5b-reworked_fix.stat
          0.7 kB
          Kristian Waagan
        2. derby-2556-5b-reworked_fix.diff
          21 kB
          Kristian Waagan
        3. derby-2556-5a-reworked_fix.stat
          0.6 kB
          Kristian Waagan
        4. derby-2556-5a-reworked_fix.diff
          19 kB
          Kristian Waagan
        5. derby-2556-4a_alternative-patch.stat
          0.3 kB
          Katherine Marsden
        6. derby-2556-4a_alternative-patch.diff
          9 kB
          Katherine Marsden
        7. derby-2556-3a_alternative-patch.stat
          0.1 kB
          Kristian Waagan
        8. derby-2556-3a_alternative-patch.diff
          7 kB
          Kristian Waagan
        9. derby-2556-2a_whitespace-javadoc.diff
          1 kB
          Kristian Waagan
        10. derby-2556_stat.txt
          0.2 kB
          Katherine Marsden
        11. derby-2556_diff.txt
          7 kB
          Katherine Marsden

        Issue Links

          blocks

          Sub-task - The sub-task of the issue DERBY-2555 Remove use of doPrivileged in EncryptionKeyTest

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Closed
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. DERBY-1001 Rewrite 'store/encryptionKey.sql' to a JUnit test

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              kristwaa Kristian Waagan
              kristwaa Kristian Waagan
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: