From chaa...@apache.org
Subject svn commit: r1066119 - /db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita
Date Tue, 01 Feb 2011 18:30:44 GMT
Author: chaase3
Date: Tue Feb  1 18:30:43 2011
New Revision: 1066119

URL: http://svn.apache.org/viewvc?rev=1066119&view=rev
Log:
DERBY-4991: The derby security policy in the Admin Guide is stale.

Modified topic to use latest template.

Patch: DERBY-4991-2.diff

Modified:
    db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita

Modified: db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita?rev=1066119&r1=1066118&r2=1066119&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita (original)
+++ db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita Tue Feb  1 18:30:43 2011
@@ -50,7 +50,12 @@ Most likely, you will want to customize 
 you will want to restrict the server's liberal file i/o permissions which
 let the server backup/restore and export/import to or from any location in the local file
system.
 For details on how to customize the Template policy, please see <xref href="tadminnetservcustom.dita"></xref>.
-The following example is a copy of the Basic policy: </p>  <codeblock>
+The following example is a copy of the Basic policy: </p>
+<codeblock>//
+// This template policy file gives examples of how to configure the
+// permissions needed to run a Derby network server with the Java
+// Security manager.
+//
 grant codeBase "${derby.install.url}derby.jar"
 {
 //
@@ -58,14 +63,23 @@ grant codeBase "${derby.install.url}derb
 //
   permission java.lang.RuntimePermission "createClassLoader";
   permission java.util.PropertyPermission "derby.*", "read";
-  // The next two properties are used to determine if the VM is 32 or 64 bit.
-  permission java.util.PropertyPermission "sun.arch.data.model", "read";
-  permission java.util.PropertyPermission "os.arch", "read";
   permission java.util.PropertyPermission "user.dir", "read";
   permission java.util.PropertyPermission "derby.storage.jvmInstanceId", 
       "write"; 
+  // The next two properties are used to determine if the VM is 32 or 64
+  // bit.
+  permission java.util.PropertyPermission "sun.arch.data.model", "read";
+  permission java.util.PropertyPermission "os.arch", "read";
   permission java.io.FilePermission "${derby.system.home}","read";
-  permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete";
+  permission java.io.FilePermission "${derby.system.home}${/}-", 
+      "read,write,delete";
+
+//
+// This permission lets a DBA reload the policy file while the server
+// is still running. The policy file is reloaded by invoking the
+// SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure.
+//
+  permission java.security.SecurityPermission "getPolicy";
 
 //
 // This permission lets you backup and restore databases
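Review bot: The new comment on `getPolicy` does not say where the policy file should be kept, and the same grant gives derby.jar `read,write,delete` on everything under `${derby.system.home}${/}-`. If the policy file sits under that directory, engine code could modify it, and a later SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() call would bring the modified policy into effect. The comment also leaves out who may execute that procedure, which I cannot tell from this page. I would add a line such as `// Keep the policy file outside ${derby.system.home}, or read-only to the server account.` The derby.jar grant block opens above this hunk and closes below it.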
@@ -76,13 +90,53 @@ grant codeBase "${derby.install.url}derb
 //
 // You may want to restrict this access to specific directories.
 //
-  permission java.io.FilePermission "&lt;&lt;ALL FILES&gt;&gt;", "read,write,delete";
+  permission java.io.FilePermission "&lt;&lt;ALL FILES&gt;&gt;",
+      "read,write,delete";
+
+
+//
+// Permissions needed for JMX based management and monitoring, which is
+// only available for JVMs supporting "platform management", that is
+// Java SE 5.0 or better.
+//
+// Allows this code to create an MBeanServer:
+//
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+//
+// Allows access to Derby's built-in MBeans, within the domain
+// org.apache.derby.
+// Derby must be allowed to register and unregister these MBeans.
+// It is possible to allow access only to specific MBeans, attributes or 
+// operations. To fine tune this permission, see the javadoc of 
+// javax.management.MBeanPermission or the JMX Instrumentation and Agent 
+// Specification. 
+//
+  permission javax.management.MBeanPermission 
+      "org.apache.derby.*#[org.apache.derby:*]",
+      "registerMBean,unregisterMBean";
+//
+// Trusts Derby code to be a source of MBeans and to register these in
+// the MBean server.
+//
+  permission javax.management.MBeanTrustPermission "register";
+
+  // getProtectionDomain is an optional permission needed for printing
+  // classpath information to derby.log
+  permission java.lang.RuntimePermission "getProtectionDomain";
+
+  //
+  // The following permission must be granted for
+  // Connection.abort(Executor) to work. Note that this permission
+  // must also be granted to outer (application) code domains.
+  //
+  permission java.sql.SQLPermission "callAbort";
 };
 
 grant codeBase "${derby.install.url}derbynet.jar"
 {
 //
-// This permission lets the Network Server manage connections from clients.
+// This permission lets the Network Server manage connections from
+// clients.
 //
 
 // Accept connections from any host. Derby is listening to the host
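Review bot: The re-wrapped `&lt;&lt;ALL FILES&gt;&gt;` grant with `read,write,delete` keeps derby.jar unrestricted on the whole file system, which makes the narrower `${derby.system.home}${/}-` grant earlier in the block redundant. The sysinfo block in the last hunk also gives derbynet.jar `&lt;&lt;ALL FILES&gt;&gt;` read. The existing comment only says "You may want to restrict this access", which is easy to miss in an example that readers copy as-is. I would put the restricted form next to it as a commented-out alternative, as the JMX socket permission in the last hunk is presented, for example `//permission java.io.FilePermission "<BACKUP_DIR_PLACEHOLDER>${/}-", "read,write,delete";`. The derby.jar grant block opens above this hunk.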
@@ -94,7 +148,49 @@ grant codeBase "${derby.install.url}derb
 // subdomain, e.g. "*.acme.com".
 
   permission java.net.SocketPermission "*", "accept"; 
-};
-</codeblock> </context>
+
+//
+// Needed for server tracing.
+//
+  permission java.io.FilePermission "${derby.drda.traceDirectory}${/}-",
+      "read,write,delete";
+
+//
+// JMX: Uncomment this permission to allow the ping operation of the 
+//      NetworkServerMBean to connect to the Network Server.
+//permission java.net.SocketPermission "*", "connect,resolve";
+
+
+//
+// Needed by sysinfo. The file permission is needed to
+// check the existence of jars on the classpath. You can
+// limit this permission to just the locations which hold
+// your jar files.
+//
+// In this template file, this block of permissions is granted
+// to derbynet.jar under the assumption that derbynet.jar is
+// the first jar file in your classpath which contains the
+// sysinfo classes. If that is not the case, then you will want
+// to grant this block of permissions to the first jar file
+// in your classpath which contains the sysinfo classes.
+// Those classes are bundled into the following Derby
+// jar files:
+//
+//    derbynet.jar
+//    derby.jar
+//    derbyclient.jar
+//    derbytools.jar
+//
+  permission java.util.PropertyPermission "user.*", "read";
+  permission java.util.PropertyPermission "java.home", "read";
+  permission java.util.PropertyPermission "java.class.path", "read";
+  permission java.util.PropertyPermission "java.runtime.version", "read";
+  permission java.util.PropertyPermission "java.fullversion", "read";
+  permission java.lang.RuntimePermission "getProtectionDomain";
+  permission java.io.FilePermission "&lt;&lt;ALL FILES&gt;&gt;", "read";
+  permission java.io.FilePermission "java.runtime.version", "read";
+  permission java.io.FilePermission "java.fullversion", "read";
+};</codeblock>
+</context>
 </taskbody>
 </task>
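Review bot: The last two entries of the sysinfo block, `permission java.io.FilePermission "java.runtime.version", "read";` and the matching `java.fullversion` line, pass system property names as file paths. The PropertyPermission lines just above already cover reading those properties, so as written these two grant read on relative files with those names, which looks unintended. They may have been carried over from the shipped template, so confirm there before dropping them. If they are intentional, the sysinfo comment should say which files they refer to. The added `${derby.drda.traceDirectory}${/}-` grant only takes effect when that property is set, which the "Needed for server tracing" comment could also mention.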


