Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-6617

Silently swallowed SecurityExceptions may disable Derby features, including security features.



    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s:
    • Fix Version/s:,
    • Component/s: Services
    • Labels:
    • Urgency:
    • Bug behavior facts:


      When the Monitor tries to read Derby properties, it silently swallows SecurityExceptions. This means that the properties will be silently ignored if Derby has not been granted sufficient privileges. This means that if you make a mistake crafting your security policy, then you may disable authentication and authorization. You may not realize this until you have incurred a security breach. This swallowing occurs at the following code locations:

      org.apache.derby.impl.services.monitor.BaseMonitor readApplicationProperties Catch java.lang.SecurityException 1 line 1360
      org.apache.derby.impl.services.monitor.BaseMonitor runWithState Catch java.lang.SecurityException 0 line 280
      org.apache.derby.impl.services.monitor.FileMonitor PBgetJVMProperty Catch java.lang.SecurityException 1 line 183
      org.apache.derby.impl.services.monitor.FileMonitor PBinitialize Catch java.lang.SecurityException 1 line 120

      SecurityExceptions are swallowed at other locations in the Monitor. The implications of these swallowings should be understood and, at a minimum, security problems should be fixed:

      org.apache.derby.impl.services.monitor.FileMonitor PBinitialize Catch java.lang.SecurityException 1 line 157
      org.apache.derby.impl.services.monitor.FileMonitor createDaemonGroup Catch java.lang.SecurityException 1 line 89


        1. ibm.diff
          3 kB
          Knut Anders Hatlen
        2. fix-test.diff
          8 kB
          Knut Anders Hatlen
        3. exit-subprocess.diff
          9 kB
          Knut Anders Hatlen
        4. derby-6617-junit.diff
          17 kB
          Dag H. Wanvik
        5. derby-6617-3b.status
          2 kB
          Dag H. Wanvik
        6. derby-6617-3b.diff
          17 kB
          Dag H. Wanvik
        7. derby-6617-3.status
          1 kB
          Dag H. Wanvik
        8. derby-6617-3.diff
          11 kB
          Dag H. Wanvik
        9. derby-6617-2.status
          2 kB
          Dag H. Wanvik
        10. derby-6617-2.diff
          38 kB
          Dag H. Wanvik
        11. derby-6617-1.diff
          22 kB
          Dag H. Wanvik
        12. derby-6617-04-aa-platformSpecificErrorText.diff
          3 kB
          Richard N. Hillegas

          Issue Links



              • Assignee:
                dagw Dag H. Wanvik
                rhillegas Richard N. Hillegas
              • Votes:
                0 Vote for this issue
                6 Start watching this issue


                • Created: