db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chaa...@apache.org
Subject svn commit: r1305845 - in /db/derby/docs/trunk/src/devguide: cdevbabejgjd.dita cdevcbabejdfj.dita cdevcsecure10983.dita cdevcsecure871387.dita rdevcsecure871406.dita rdevcsecure871422.dita rdevcsecure871439.dita
Date Tue, 27 Mar 2012 14:18:01 GMT
Author: chaase3
Date: Tue Mar 27 14:18:00 2012
New Revision: 1305845

URL: http://svn.apache.org/viewvc?rev=1305845&view=rev
Log:
DERBY-5636  Improve the overview of Derby's security mechanisms

Corrected "Notes on the Derby security features" topic, updated language and 
links in security manager topics.

Patch: DERBY-5636-3.diff

Modified:
    db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita
    db/derby/docs/trunk/src/devguide/cdevcbabejdfj.dita
    db/derby/docs/trunk/src/devguide/cdevcsecure10983.dita
    db/derby/docs/trunk/src/devguide/cdevcsecure871387.dita
    db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita
    db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita
    db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita

Modified: db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita Tue Mar 27 14:18:00 2012
@@ -28,10 +28,11 @@ conref="../conrefs.dita#prod/productshor
 </keywords>
 </metadata></prolog>
 <conbody>
-<p>See Default Policy Implementation and Policy File Syntax at <xref format="html"
-href="http://download.oracle.com/javase/1.4.2/docs/guide/security/PolicyFiles.html"
-scope="external">http://download.oracle.com/javase/1.4.2/docs/guide/security/PolicyFiles.html</xref>
for
-more information about creating policy files.</p>
+<p>See "Default Policy Implementation and Policy File Syntax" at
+<xref format="html"
+href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html"
+scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html</xref>
+for more information about creating policy files.</p>
 <section><title>Mandatory permissions</title><dl><dlentry>
 <dt>permission java.lang.RuntimePermission createClassLoader</dt>
 <dd>Mandatory. It allows <ph conref="../conrefs.dita#prod/productshortname"></ph>
to

Modified: db/derby/docs/trunk/src/devguide/cdevcbabejdfj.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcbabejdfj.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcbabejdfj.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcbabejdfj.dita Tue Mar 27 14:18:00 2012
@@ -18,13 +18,14 @@ limitations under the License.
 <!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN" "../dtd/concept.dtd">
 <concept xml:lang="en-us" id="cdevcbabejdfj">
 <title>Running Derby under a security manager</title>
-<shortdesc>When running within an application or application server with a Java 2
-Security Manager enabled, <ph conref="../conrefs.dita#prod/productshortname"></ph>
must be granted certain permissions
-to execute and access database files.</shortdesc>
+<shortdesc>When running within an application or application server with a Java
+security manager enabled,
+<ph conref="../conrefs.dita#prod/productshortname"></ph> must be granted certain
+permissions to execute and access database files.</shortdesc>
 <prolog><metadata>
 <keywords>
 <indexterm>Policy files<indexterm>and Derby permissions</indexterm></indexterm>
-<indexterm>Java SE Security Manager</indexterm>
+<indexterm>Java security manager</indexterm>
 </keywords>
 </metadata>
 </prolog>
@@ -32,6 +33,6 @@ to execute and access database files.</s
 <p>For more information about permissions and examples of creating permission
 objects and granting permissions, see the Security Architecture specification
 at <xref format="html" 
-href="http://download.oracle.com/javase/1.4.2/docs/guide/security/PolicyFiles.html"
-scope="external">http://download.oracle.com/javase/1.4.2/docs/guide/security/PolicyFiles.html</xref>.</p>
+href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/security-spec.doc.html"
+scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/security-spec.doc.html</xref>.</p>
 </conbody></concept>

Modified: db/derby/docs/trunk/src/devguide/cdevcsecure10983.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecure10983.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecure10983.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecure10983.dita Tue Mar 27 14:18:00 2012
@@ -20,28 +20,29 @@ limitations under the License.
 -->
 <concept id="cdevcsecure10983" xml:lang="en-us">
 <title>Notes on the Derby security features</title>
-<shortdesc>The<ph conref="../conrefs.dita#prod/productshortname"></ph>
security
+<shortdesc>The <ph conref="../conrefs.dita#prod/productshortname"></ph>
security
 model has some basic limitations.</shortdesc>
 <prolog><metadata>
 <keywords><indexterm>security features<indexterm>limitations</indexterm></indexterm>
 </keywords>
 </metadata></prolog>
 <conbody>
-<p>You lock out non full-access users with database properties, which are
-stored in the database (and in an encrypted database these properties are
-also encrypted). Note, however, for a distributed/embedded system that a sophisticated
-user with the database encryption key might be able to physically change those
-properties in the database files.</p>
-<p>In addition, in the <ph conref="../conrefs.dita#prod/productshortname"></ph>
system,
-it is not necessary to have a specific connection (or permission to access
-a particular database) to shut down the system. Any authenticated user can
-shut down the system.</p>
-<p>Other security holes to think about are:</p>
-<ul>
-<li>JVM subversion, running the application under a home-grown JVM.</li>
-<li>Trolling for objects</li>
-<li>Class substitution, locating a class that has access to sensitive data
-and replacing it with one that passes on information</li>
-</ul>
+<p>You can use database properties to specify what users can and cannot access
+your database. However, if someone gets physical access to your database (for
+example, if they are able to copy it onto their own disk), they can subvert all
+other security mechanisms given enough time and skill. Your best
+<ph conref="../conrefs.dita#prod/productshortname"></ph> defense against this
+possibility is to encrypt the data (which also encrypts the database
+properties). However, if the encryption can be broken, the data is
+vulnerable.</p>
+<p>There are no authorization checks for system-wide operations. Anyone who can
+authenticate at the system level can shut down the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> engine and restore
+databases. Your best <ph conref="../conrefs.dita#prod/productshortname"></ph>
+defense here is to limit the number of users who can authenticate at the system
+level. This is easy to do with NATIVE authentication: put only one superuser in
+the system-wide credentials database, and store the database-specific users in
+their respective databases. With LDAP authentication, you can do this by using
+different LDAP servers for system-wide and database-specific authentication.</p>
 </conbody>
 </concept>

Modified: db/derby/docs/trunk/src/devguide/cdevcsecure871387.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecure871387.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecure871387.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecure871387.dita Tue Mar 27 14:18:00 2012
@@ -17,7 +17,7 @@ limitations under the License.
 -->
 <!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN" "../dtd/concept.dtd">
 <concept xml:lang="en-us" id="cdevcsecure871387">
-<title>Examples of Java 2 security policy files for embedded Derby</title>
+<title>Examples of Java security policy files for embedded Derby</title>
 <prolog><metadata>
 <keywords>
 <indexterm>Policy files<indexterm>examples</indexterm></indexterm>

Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita (original)
+++ db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita Tue Mar 27 14:18:00 2012
@@ -19,7 +19,7 @@ See the License for the specific languag
 limitations under the License.
 -->
 <reference id="rdevcsecure871406" xml:lang="en-us">
-<title>Java 2 security policy file example 1</title>
+<title>Java security policy file example 1</title>
 <prolog></prolog>
 <refbody>
 <example> <codeblock><b>/* Grants permission to run <ph conref="../conrefs.dita#prod/productshortname"></ph>
and access all      */

Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita (original)
+++ db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita Tue Mar 27 14:18:00 2012
@@ -19,7 +19,7 @@ See the License for the specific languag
 limitations under the License.
 -->
 <reference id="rdevcsecure871422" xml:lang="en-us">
-<title>Java 2 security policy file example 2</title>
+<title>Java security policy file example 2</title>
 <prolog></prolog>
 <refbody>
 <example> <codeblock><b>/* Grants permission to run <ph conref="../conrefs.dita#prod/productshortname"></ph>
and access all      */

Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita?rev=1305845&r1=1305844&r2=1305845&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita (original)
+++ db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita Tue Mar 27 14:18:00 2012
@@ -19,7 +19,7 @@ See the License for the specific languag
 limitations under the License.
 -->
 <reference id="rdevcsecure871439" xml:lang="en-us">
-<title>Java 2 security policy file example 3</title>
+<title>Java security policy file example 3</title>
 <prolog></prolog>
 <refbody>
 <example> <codeblock><b>/* Grants permission to run <ph conref="../conrefs.dita#prod/productshortname"></ph>
and access a single */



Mime
View raw message