Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4, 10.3.2.1, 10.3.3.0, 10.4.1.3, 10.4.2.0, 10.5.1.1, 10.5.2.0
-
None
-
Normal
-
Security
Description
If a user-coded jar file lives outside the database and is wired into Derby's classpath, then you can use the security policy to grant java permissions to that jar file. For example, you can grant code in that jar file privilege to access the network or read/write parts of the file system. You cannot grant these permissions to user jar files which are stored in the database. This issue came up in a thread on the user list: http://www.nabble.com/Using-security-manager-to-grant-permission-to-db-stored-procedures-td25005855.html#a25006129