[DERBY-4708] In the Administration Guide, clarify that you need to adjust file permissions in your security policy in order to prevent import/export from accessing sensitive files outside your Derby subsystem - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 10.6.1.0
Fix Version/s: 10.6.2.1, 10.7.1.1
Component/s: Documentation
Labels:
None

Bug behavior facts:

Security

Description

Right now the Derby Administration Guide advises users to adjust permissions in their security policy file in order to prevent backup/restore from clobbering and inspecting sensitive files outside the Derby subsystem. This advice can be found in the section titled "Basic Network Server security policy". This section should be clarified to note that you can suffer similar exposure from the export/import procedures and that you need to adjust your security policy for them as well.

Note that this section does link to another, detailed section, which describes the security policy implications for both backup/restore and export/import: "Customizing the Network Server's security policy".

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

derby-4708-01-aa-clarification.diff
22/Jun/10 16:56
2 kB
Richard N. Hillegas
derby-4708-01-aa-clarification.tar
22/Jun/10 16:56
20 kB
Richard N. Hillegas
derby-4708-01-ab-clarification.diff
24/Jun/10 12:35
2 kB
Richard N. Hillegas

Issue Links

is related to

DERBY-2925 Prevent export from overwriting existing files

Closed

Activity

People

Assignee:: Richard N. Hillegas

Reporter:: Richard N. Hillegas

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 22/Jun/10 14:24

Updated:: 15/Jun/17 01:39

Resolved:: 24/Jun/10 15:16