Derby
  1. Derby
  2. DERBY-5492

Restrictive file permissions: permissions removed also for owner on NTFS if Acl does not contain explicit entry for owner

    Details

    • Bug behavior facts:
      Security

      Description

      It turns out that the file owner does not necessarily get an explicit AclEntry; this depends on whether the created file has sufficient permissions already through, say, a permission for everybody to write. The present logic removes all AclEntries except those granted to the file's owner, erroneously presuming there would be such an entry always. This led to all AclEntries being removed.

      This error is seen in Oracle's nightly regressions for Windows, but did not reproduced when running manually on Windows. This was due to different default inherited permissions on the directories in which the regression tests were run.

      1. derby-5492-2.stat
        0.2 kB
        Dag H. Wanvik
      2. derby-5492-2.diff
        9 kB
        Dag H. Wanvik
      3. derby-5492-1.stat
        0.2 kB
        Dag H. Wanvik
      4. derby-5492-1.diff
        9 kB
        Dag H. Wanvik

        Issue Links

          Activity

            People

            • Assignee:
              Dag H. Wanvik
              Reporter:
              Dag H. Wanvik
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development