Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-7138

Remove references to the Java Security Manager

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.16.1.1
    • 10.16.1.1
    • Build tools, Documentation
    • None
    • Normal
    • Release Note Needed
    • Security

    Description

      The Open JDK team has deprecated the Java Security Manager and indicated that it will be removed in a future release of Java. See https://openjdk.java.net/jeps/411. In an email thread titled "protecting security-sensitive operations on multi-tenant servers" on the security-dev@openjdk.java.net mailing list, Alan Bateman indicated that developers should containerize their applications instead.

      This issue tracks work needed to remove Derby's references to the Java Security Manager.

      At a minimum, the following work needs to be done:

      o The tests should be adjusted so that they don't install a SecurityManager.

      o References to the SecurityManager should be removed from product code.

      o We should remove the SecurityManager section of the Derby Security Guide. In its place, we should recommend that developers containerize their Derby applications.

      Attachments

        1. derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff
          8 kB
          Richard N. Hillegas
        2. derby-7138-02-ab-moveMethodsToTestConfiguration.diff
          28 kB
          Richard N. Hillegas
        3. derby-7138-03-aa-removePermissionsTests.diff
          208 kB
          Richard N. Hillegas
        4. DerbyServerTest.java
          3 kB
          Richard N. Hillegas
        5. Z.java
          5 kB
          Richard N. Hillegas
        6. derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff
          14 kB
          Richard N. Hillegas
        7. derby-7138-05-aa-removeSecurityManager.diff
          111 kB
          Richard N. Hillegas
        8. derby-7138-06-aa-removeSecurityManagerSetup.diff
          25 kB
          Richard N. Hillegas
        9. derby-7138-07-aa-removePrivilegeBlocksFromTests.diff
          206 kB
          Richard N. Hillegas
        10. derby-7138-08-aa-removePolicyFiles.diff
          108 kB
          Richard N. Hillegas
        11. derby-7138-09-aa-removeMostProductPrivilegeFiles.diff
          594 kB
          Richard N. Hillegas
        12. derby-7138-10-aa-removeRemainingPrivilegeBlocks.diff
          27 kB
          Richard N. Hillegas
        13. derby-7138-11-aa-miscCleanup.diff
          18 kB
          Richard N. Hillegas
        14. derby-7138-12-aa-SYSCS_RELOAD_SECURITY_POLICY.diff
          5 kB
          Richard N. Hillegas
        15. postSecurityManager.html
          2 kB
          Richard N. Hillegas
        16. derby-7138-13-aa-adjustUserDocumentation.diff
          98 kB
          Richard N. Hillegas
        17. derby-7138-13-aa-adjustUserDocumentation.tar
          246 kB
          Richard N. Hillegas
        18. derby-7138-14-aa-removeMoreDocReferences.tar
          206 kB
          Richard N. Hillegas
        19. derby-7138-14-aa-removeMoreDocReferences.diff
          15 kB
          Richard N. Hillegas
        20. derby-3547-01-aa-policyGenerator.diff
          89 kB
          Richard N. Hillegas
        21. derby-7138-14-aa-removeMoreDocReferences-1.tar
          206 kB
          Richard N. Hillegas
        22. derby-7138-16-aa-removeMoreReferences.diff
          14 kB
          Richard N. Hillegas
        23. derby-7138-17-ab-securityExceptions.diff
          38 kB
          Richard N. Hillegas
        24. derby-7138-18-aa-moreSecurityExceptions.diff
          4 kB
          Richard N. Hillegas
        25. derby-7138-19-aa-privilegedActions.diff
          11 kB
          Richard N. Hillegas
        26. derby-7138-20-aa-fixJavadoc.diff
          1.0 kB
          Richard N. Hillegas
        27. releaseNote.html
          6 kB
          Richard N. Hillegas
        28. derby-7138-21-aa-dontCopyPolicyFilesIntoDocs.diff
          2 kB
          Richard N. Hillegas
        29. derby-7138-22-aa-dontTryToZipUpMissingSecurityPolicies.diff
          1 kB
          Richard N. Hillegas
        30. derby-7138-23-aa-dontTryToTarUpMissingSecurityPolicies.diff
          1 kB
          Richard N. Hillegas
        31. derby-7138-24-aa-danglingDocsReference.diff
          1 kB
          Richard N. Hillegas

        Issue Links

          is related to

          Sub-task - The sub-task of the issue SPARK-46257 Upgrade Derby to 10.16.1.1

          • Major - Major loss of function.
          • Resolved
          relates to

          Task - A task that needs to be done. DERBY-7136 Tasks for releasing 10.16.1

          • Major - Major loss of function.
          • Open

          Task - A task that needs to be done. DERBY-7110 Make it possible to build and test Derby cleanly with OpenJDK 17

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. DERBY-7126 Make it possible to build and test Derby cleanly with OpenJDK 18

          • Major - Major loss of function.
          • Closed

          Activity

            People

              rhillegas Richard N. Hillegas
              rhillegas Richard N. Hillegas
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: