Derby
  1. Derby
  2. DERBY-537

SQLJ.INSTALL_JAR and SQLJ.UPDATE_JAR fail when running with a SecurityManager enabled.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 10.1.1.0
    • Fix Version/s: 10.1.3.2, 10.2.2.1, 10.3.1.4
    • Component/s: SQL
    • Labels:
      None
    • Bug behavior facts:
      Security

      Description

      Seen if running the lang/dcl.sql test with a SecurityManager. Accessing the jar file is not within a priviledged block.

      1. derby-537_10.2_diff.txt
        50 kB
        Kathey Marsden
      2. derby-537_10.2_stat.txt
        1 kB
        Kathey Marsden
      3. derby-537_10_1_diff.txt
        49 kB
        Kathey Marsden

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Closed Closed
        469d 20h 2m 1 Daniel John Debrunner 08/Dec/06 00:00
        Closed Closed Reopened Reopened
        199d 22h 30m 1 Kathey Marsden 25/Jun/07 22:30
        Reopened Reopened Resolved Resolved
        6d 23h 20m 1 Myrna van Lunteren 02/Jul/07 21:51
        Resolved Resolved Closed Closed
        2d 15h 1 Kathey Marsden 05/Jul/07 12:52
        Gavin made changes -
        Workflow jira [ 12323772 ] Default workflow, editable Closed status [ 12800587 ]
        Dag H. Wanvik made changes -
        Component/s Security [ 11411 ]
        Dag H. Wanvik made changes -
        Derby Categories [Security]
        Kathey Marsden made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Hide
        Kathey Marsden added a comment -

        reclosing this issue

        Show
        Kathey Marsden added a comment - reclosing this issue
        Kathey Marsden made changes -
        Assignee Kathey Marsden [ kmarsden ] Daniel John Debrunner [ djd ]
        Myrna van Lunteren made changes -
        Fix Version/s 10.2.2.1 [ 12312251 ]
        Fix Version/s 10.1.3.2 [ 12311972 ]
        Resolution Fixed [ 1 ]
        Status Reopened [ 4 ] Resolved [ 5 ]
        Hide
        Myrna van Lunteren added a comment -

        I don't see anything bad in testing as a result of this. Marking resolved.

        Show
        Myrna van Lunteren added a comment - I don't see anything bad in testing as a result of this. Marking resolved.
        Kathey Marsden made changes -
        Attachment derby-537_10_1_diff.txt [ 12360685 ]
        Hide
        Kathey Marsden added a comment -

        Here is the 10.1 patch. Running tests now.

        Show
        Kathey Marsden added a comment - Here is the 10.1 patch. Running tests now.
        Hide
        Kathey Marsden added a comment -

        1.3.1 tests passed with only known failures. So, I will go ahead and check this in in an hour or so unless anyone has comments on the patch.

        Kathey

        Show
        Kathey Marsden added a comment - 1.3.1 tests passed with only known failures. So, I will go ahead and check this in in an hour or so unless anyone has comments on the patch. Kathey
        Hide
        Kathey Marsden added a comment -

        One question I have about the port is whether the removal of JarFileJava2.java is appropriate for the 10.2 branch. I am running tests with jdk131 to make sure it doesn't create a problem.

        Kathey

        Show
        Kathey Marsden added a comment - One question I have about the port is whether the removal of JarFileJava2.java is appropriate for the 10.2 branch. I am running tests with jdk131 to make sure it doesn't create a problem. Kathey
        Hide
        Kathey Marsden added a comment -

        I ported all the code changes (I think!) but not all the test changes, because of major test restructuring like the introduction of the JUnit testing infrastructure. I enabled security manager for the dblook_test to test the change in 10.2. If this goes back to 10.1 then I will probably have to test manually or add a network server test since we only test network server under security manager for 10.1

        Show
        Kathey Marsden added a comment - I ported all the code changes (I think!) but not all the test changes, because of major test restructuring like the introduction of the JUnit testing infrastructure. I enabled security manager for the dblook_test to test the change in 10.2. If this goes back to 10.1 then I will probably have to test manually or add a network server test since we only test network server under security manager for 10.1
        Hide
        Daniel John Debrunner added a comment -

        Good to have some descriptive comment of how you arrived at that list of changes for the 10.2 backport, since it seems to be a sub-set of the ones listed for the two bugs.

        Show
        Daniel John Debrunner added a comment - Good to have some descriptive comment of how you arrived at that list of changes for the 10.2 backport, since it seems to be a sub-set of the ones listed for the two bugs.
        Kathey Marsden made changes -
        Attachment derby-537_10.2_stat.txt [ 12360525 ]
        Kathey Marsden made changes -
        Attachment derby-537_10.2_diff.txt [ 12360524 ]
        Hide
        Kathey Marsden added a comment -

        This is a port of DERBY-537 and DERBY-538 to 10.2. Changes ported were 387324,473416,473440,473780,473828,473834,474376,482812,482850,483108,483148,483160,483738,484722,543524
        Enabled dblook_test.java with security manager to test installation of jar with security manager.
        I am running derbyall now and will commit tomorrow if all goes well.

        Kathey

        Show
        Kathey Marsden added a comment - This is a port of DERBY-537 and DERBY-538 to 10.2. Changes ported were 387324,473416,473440,473780,473828,473834,474376,482812,482850,483108,483148,483160,483738,484722,543524 Enabled dblook_test.java with security manager to test installation of jar with security manager. I am running derbyall now and will commit tomorrow if all goes well. Kathey
        Kathey Marsden made changes -
        Assignee Daniel John Debrunner [ djd ] Kathey Marsden [ kmarsden ]
        Resolution Fixed [ 1 ]
        Status Closed [ 6 ] Reopened [ 4 ]
        Hide
        Kathey Marsden added a comment -

        reopen for backport

        Show
        Kathey Marsden added a comment - reopen for backport
        Daniel John Debrunner made changes -
        Field Original Value New Value
        Status Open [ 1 ] Closed [ 6 ]
        Resolution Fixed [ 1 ]
        Fix Version/s 10.3.0.0 [ 12310800 ]
        Hide
        Daniel John Debrunner added a comment -

        Committed revision 483738

        Show
        Daniel John Debrunner added a comment - Committed revision 483738
        Hide
        Daniel John Debrunner added a comment -

        Committed revision 473828 to read the jar file in a privileged block.
        Still exceptions are thrown with install_jar and replace_jar as writing the jar file into the database jar folder seems to not be under a privileged block.

        Show
        Daniel John Debrunner added a comment - Committed revision 473828 to read the jar file in a privileged block. Still exceptions are thrown with install_jar and replace_jar as writing the jar file into the database jar folder seems to not be under a privileged block.
        Daniel John Debrunner created issue -

          People

          • Assignee:
            Daniel John Debrunner
            Reporter:
            Daniel John Debrunner
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development