[DERBY-6598] Document permissions recommendations for JAR procedures - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 10.11.1.1
Fix Version/s: 10.11.1.1
Component/s: Documentation
Labels:
None

Bug behavior facts:

Security

Description

It's been recommended that we should make the documentation of the SQLJ.INSTALL_JAR procedure (and SQLJ.REPLACE_JAR) state more explicitly that the privilege should only be granted to trusted users. For example:

"Since this procedure can be used to install arbitrary code that runs in the same Java Virtual Machine as the Derby database engine, the execution privilege should only be granted to trusted users."

This needs to go into the Reference Manual topics on these procedures as well as other locations where they are discussed.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

DERBY-6598-2.zip
05/Jun/14 17:12
7 kB
Camilla Haase
DERBY-6598-2.stat
05/Jun/14 17:12
0.1 kB
Camilla Haase
DERBY-6598-2.diff
05/Jun/14 17:12
3 kB
Camilla Haase
DERBY-6598.zip
04/Jun/14 15:57
9 kB
Camilla Haase
DERBY-6598.stat
04/Jun/14 15:57
0.2 kB
Camilla Haase
DERBY-6598.diff
04/Jun/14 15:57
4 kB
Camilla Haase

Activity

People

Assignee:: Camilla Haase

Reporter:: Camilla Haase

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Jun/14 15:18

Updated:: 20/Jun/14 14:15

Resolved:: 10/Jun/14 19:12