Return-Path: X-Original-To: apmail-db-derby-commits-archive@www.apache.org Delivered-To: apmail-db-derby-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C48FCF940 for ; Mon, 13 May 2013 14:25:45 +0000 (UTC) Received: (qmail 46277 invoked by uid 500); 13 May 2013 13:59:04 -0000 Delivered-To: apmail-db-derby-commits-archive@db.apache.org Received: (qmail 46133 invoked by uid 500); 13 May 2013 13:59:00 -0000 Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: "Derby Development" List-Id: Delivered-To: mailing list derby-commits@db.apache.org Received: (qmail 46085 invoked by uid 99); 13 May 2013 13:58:59 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 13 May 2013 13:58:59 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 13 May 2013 13:58:57 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 0269C2388906; Mon, 13 May 2013 13:58:37 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1481853 - in /db/derby/docs/trunk/src: adminguide/tadminnetservbasic.dita adminguide/tadminnetservcustom.dita devguide/cdevbabejgjd.dita devguide/rdevcsecure871406.dita devguide/rdevcsecure871422.dita devguide/rdevcsecure871439.dita Date: Mon, 13 May 2013 13:58:36 -0000 To: derby-commits@db.apache.org From: chaase3@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130513135837.0269C2388906@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: chaase3 Date: Mon May 13 13:58:36 2013 New Revision: 1481853 URL: http://svn.apache.org/r1481853 Log: DERBY-6160 Fixes needed to documentation topics on security policy permissions Modified 2 Admin Guide topics and 4 Developer's Guide topics. Patch: DERBY-6160-4.diff Modified: db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita Modified: db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita (original) +++ db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita Mon May 13 13:58:36 2013 @@ -55,136 +55,133 @@ you will want to restrict the server's l let the server backup/restore and export/import to or from any location in the local file system. For details on how to customize the Template policy, please see . The following example is a copy of the Basic policy:

-// -// This template policy file gives examples of how to configure the +// This template policy file gives examples of how to configure the // permissions needed to run a Derby network server with the Java // Security manager. // grant codeBase "${derby.install.url}derby.jar" { -// -// These permissions are needed for everyday, embedded Derby usage. -// + // These permissions are needed for everyday, embedded Derby usage. + // permission java.lang.RuntimePermission "createClassLoader"; permission java.util.PropertyPermission "derby.*", "read"; permission java.util.PropertyPermission "user.dir", "read"; - permission java.util.PropertyPermission "derby.storage.jvmInstanceId", - "write"; + // The next two properties are used to determine if the VM is 32 or 64 // bit. permission java.util.PropertyPermission "sun.arch.data.model", "read"; permission java.util.PropertyPermission "os.arch", "read"; + permission java.io.FilePermission "${derby.system.home}","read"; permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete"; -// -// This permission lets a DBA reload the policy file while the server -// is still running. The policy file is reloaded by invoking the -// SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure. -// + // This permission lets a DBA reload the policy file while the server + // is still running. The policy file is reloaded by invoking the + // SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure. + // permission java.security.SecurityPermission "getPolicy"; -// -// This permission lets you backup and restore databases -// to and from arbitrary locations in your file system. -// -// This permission also lets you import/export data to and from -// arbitrary locations in your file system. -// -// You may want to restrict this access to specific directories. -// + // This permission lets you backup and restore databases + // to and from arbitrary locations in your file system. + // + // This permission also lets you import/export data to and from + // arbitrary locations in your file system. + // + // You may want to restrict this access to specific directories. + // permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; - -// -// Permissions needed for JMX based management and monitoring, which is -// only available for JVMs supporting "platform management", that is -// Java SE 5.0 or better. -// -// Allows this code to create an MBeanServer: -// + // Permissions needed for JMX based management and monitoring, which is + // only available for JVMs supporting "platform management", that is + // Java SE 5.0 or better. + // + // Allows this code to create an MBeanServer: + // permission javax.management.MBeanServerPermission "createMBeanServer"; -// -// Allows access to Derby's built-in MBeans, within the domain -// org.apache.derby. -// Derby must be allowed to register and unregister these MBeans. -// It is possible to allow access only to specific MBeans, attributes or -// operations. To fine tune this permission, see the javadoc of -// javax.management.MBeanPermission or the JMX Instrumentation and Agent -// Specification. -// + // + // Allows access to Derby's built-in MBeans, within the domain + // org.apache.derby. + // Derby must be allowed to register and unregister these MBeans. + // It is possible to allow access only to specific MBeans, attributes + // or operations. To fine tune this permission, see the javadoc of + // javax.management.MBeanPermission or the JMX Instrumentation and + // Agent Specification. + // permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]", "registerMBean,unregisterMBean"; -// -// Trusts Derby code to be a source of MBeans and to register these in -// the MBean server. -// + // + // Trusts Derby code to be a source of MBeans and to register these in + // the MBean server. + // permission javax.management.MBeanTrustPermission "register"; // getProtectionDomain is an optional permission needed for printing // classpath information to derby.log permission java.lang.RuntimePermission "getProtectionDomain"; - // // The following permission must be granted for // Connection.abort(Executor) to work. Note that this permission // must also be granted to outer (application) code domains. // permission java.sql.SQLPermission "callAbort"; + + // Needed by file permissions restriction system: + permission java.lang.RuntimePermission "accessUserInformation"; + permission java.lang.RuntimePermission "getFileStoreAttributes"; }; grant codeBase "${derby.install.url}derbynet.jar" { -// -// This permission lets the Network Server manage connections from -// clients. -// - -// Accept connections from any host. Derby is listening to the host -// interface specified via the -h option to "NetworkServerControl -// start" on the command line, via the address parameter to the -// org.apache.derby.drda.NetworkServerControl constructor in the API -// or via the property derby.drda.host; the default is localhost. -// You may want to restrict allowed hosts, e.g. to hosts in a specific -// subdomain, e.g. "*.example.com". + // This permission lets the Network Server manage connections from + // clients. + // Accept connections from any host. Derby is listening to the host + // interface specified via the -h option to "NetworkServerControl + // start" on the command line, via the address parameter to the + // org.apache.derby.drda.NetworkServerControl constructor in the API + // or via the property derby.drda.host; the default is localhost. + // You may want to restrict allowed hosts, e.g. to hosts in a specific + // subdomain, e.g. "*.example.com". permission java.net.SocketPermission "*", "accept"; -// -// Needed for server tracing. -// + // Needed for server tracing. + // permission java.io.FilePermission "${derby.drda.traceDirectory}${/}-", "read,write,delete"; -// -// JMX: Uncomment this permission to allow the ping operation of the -// NetworkServerMBean to connect to the Network Server. -//permission java.net.SocketPermission "*", "connect,resolve"; - - -// -// Needed by sysinfo. The file permission is needed to -// check the existence of jars on the classpath. You can -// limit this permission to just the locations which hold -// your jar files. -// -// In this template file, this block of permissions is granted -// to derbynet.jar under the assumption that derbynet.jar is -// the first jar file in your classpath which contains the -// sysinfo classes. If that is not the case, then you will want -// to grant this block of permissions to the first jar file -// in your classpath which contains the sysinfo classes. -// Those classes are bundled into the following Derby -// jar files: -// -// derbynet.jar -// derby.jar -// derbyclient.jar -// derbytools.jar -// + // Needed by file permissions restriction system: + // + permission java.lang.RuntimePermission "accessUserInformation"; + permission java.lang.RuntimePermission "getFileStoreAttributes"; + permission java.util.PropertyPermission + "derby.__serverStartedFromCmdLine", "read, write"; + + // JMX: Uncomment this permission to allow the ping operation of the + // NetworkServerMBean to connect to the Network Server. + //permission java.net.SocketPermission "*", "connect,resolve"; + + // Needed by sysinfo. The file permission is needed to + // check the existence of jars on the classpath. You can + // limit this permission to just the locations which hold + // your jar files. + // + // In this template file, this block of permissions is granted + // to derbynet.jar under the assumption that derbynet.jar is + // the first jar file in your classpath which contains the + // sysinfo classes. If that is not the case, then you will want + // to grant this block of permissions to the first jar file + // in your classpath which contains the sysinfo classes. + // Those classes are bundled into the following Derby + // jar files: + // + // derbynet.jar + // derby.jar + // derbyclient.jar + // derbytools.jar + // permission java.util.PropertyPermission "user.*", "read"; permission java.util.PropertyPermission "java.home", "read"; permission java.util.PropertyPermission "java.class.path", "read"; Modified: db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita (original) +++ db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita Mon May 13 13:58:36 2013 @@ -28,91 +28,209 @@ limitations under the License.

The Network Server's Basic security policy is documented in the section . Most likely, you will want to customize your own security policy. For example, you might want -to restrict the server's liberal file i/o permissions which let the server -backup/restore and export/import to or from any location in the local file system. Customizing -the security policy is simple:

    -
  • A template policy lives in the Derby distribution at demo/templates/server.policy. +to restrict the server's liberal file I/O permissions, which let the server +backup/restore and export/import to or from any location in the local file +system. Customizing the security policy is simple:

    +
      +
    1. A template policy lives in the + distribution at +demo/templates/server.policy. Copy the file from this location to your own file, say myCustomized.policy. All of the following edits take place in your custom file.
    2. Replace the ${derby.install.url} variable with the location of -the Derby jars in your local file system.
      3. +the jars in your local +file system.
    3. Replace the ${derby.system.home} variable with the location of -your Derby system directory. Alternatively, rather than replacing this variable, -you can simply set the value of the derby.system.home system property -when you boot the server.
      4. -
    4. You must grant java.net.SocketPermission to -derby.jar if you are using LDAP authentication, so -that the Derby code is allowed to contact the LDAP server to perform -the authentication.
      5. +your system directory. +Alternatively, rather than replacing this variable, you can simply set the value +of the derby.system.home system property when you boot the server. +
    5. Replace the ${derby.drda.traceDirectory} variable with the location +of your server trace file if you plan to use tracing.
      6. +
    6. Grant java.net.SocketPermission to derby.jar if you +are using LDAP authentication, so that the + code is allowed to +contact the LDAP server to perform the authentication.
    7. You may want to restrict the socket permission for derbynet.jar, which by default accepts connections from any host ("*"). Note that the special wildcard address "0.0.0.0" is not -understood by SocketPermission, even though Derby accepts this wildcard as -a valid value for accepting connections on all network interfaces (IPv4).
      8. +understood by SocketPermission, even though + accepts this wildcard +as a valid value for accepting connections on all network interfaces +(IPv4).
    8. Refine the file permissions needed by backup/restore, import/export, and the loading of application jars.
      9. -

The following example is a copy of a sample, customized policy file:

+ +

The following example is a copy of a sample customized policy file:

grant codeBase "file:/usr/local/share/sw/derby/lib/derby.jar" { -// -// These permissions are needed for everyday, embedded Derby usage. -// + // These permissions are needed for everyday, embedded Derby usage. + // permission java.lang.RuntimePermission "createClassLoader"; permission java.util.PropertyPermission "derby.*", "read"; - // The next two properties are used to determine if the VM is 32 or 64 bit. + permission java.util.PropertyPermission "user.dir", "read"; + + // The next two properties are used to determine if the VM is 32 or + // 64 bit. + // permission java.util.PropertyPermission "sun.arch.data.model", "read"; permission java.util.PropertyPermission "os.arch", "read"; - permission java.util.PropertyPermission "user.dir", "read"; - permission java.io.FilePermission "/usr/local/shoppingCartApp/databases","read"; - permission java.io.FilePermission "/usr/local/shoppingCartApp/databases/-", - "read,write,delete"; - permission java.util.PropertyPermission "derby.storage.jvmInstanceId", - "write"; - -// -// This permission lets a DBA reload the policy file while the server -// is still running. The policy file is reloaded by invoking the -// SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure. -// + + // Customized to actual location of derby.system.home: + // + permission java.io.FilePermission + "/usr/local/shoppingCartApp/databases", "read"; + permission java.io.FilePermission + "/usr/local/shoppingCartApp/databases/-", "read,write,delete"; + + // This permission lets a DBA reload the policy file while the server + // is still running. The policy file is reloaded by invoking the + // SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure. + // permission java.security.SecurityPermission "getPolicy"; -// -// This permission lets you backup and restore databases -// to and from a selected branch of the local file system: -// - permission java.io.FilePermission "/usr/local/shoppingCartApp/backups/-", "read,write,delete"; -// -// This permission lets you import data from -// a selected branch of the local file system: -// - permission java.io.FilePermission "/usr/local/shoppingCartApp/imports/-", "read"; -// -// This permission lets you export data to -// a selected branch of the local file system: -// - permission java.io.FilePermission "/usr/local/shoppingCartApp/exports/-", "write"; -// -// This permission lets you load your databases with jar files of -// application code -// - permission java.io.FilePermission "/usr/local/shoppingCartApp/lib/*", "read"; + // This permission lets you backup and restore databases + // to and from a selected branch of the local file system: + // + permission java.io.FilePermission + "/usr/local/shoppingCartApp/backups/-", "read,write,delete"; + + // This permission lets you import data from + // a selected branch of the local file system: + // + permission java.io.FilePermission + "/usr/local/shoppingCartApp/imports/-", "read"; -// LDAP server on localhost using default LDAP port 389: - permission java.net.SocketPermission "localhost:389", "connect,resolve"; + // This permission lets you export data to + // a selected branch of the local file system: + // + permission java.io.FilePermission + "/usr/local/shoppingCartApp/exports/-", "write"; + + // This permission lets you load your databases with jar files of + // application code + // + permission java.io.FilePermission "/usr/local/shoppingCartApp/lib/*", + "read"; + + // LDAP server on localhost using default LDAP port 389: + // + permission java.net.SocketPermission "localhost:389", + "connect,resolve"; + + // Permissions needed for JMX based management and monitoring. + // Uncomment the following MBeanServerPermission, MBeanPermission and + // MBeanTrustPermission if you need JMX monitoring. Consider the + // security implications before you open up for JMX + // monitoring. + // + // Allows this code to create an MBeanServer: + // + // permission javax.management.MBeanServerPermission + // "createMBeanServer"; + // + // Allows access to Derby's built-in MBeans, within the domain + // org.apache.derby. Derby must be allowed to register and unregister + // these MBeans. It is possible to allow access only to specific + // MBeans, attributes or operations. To fine-tune this permission, see + // the API documentation for javax.management.MBeanPermission or the + // JMX Instrumentation and Agent Specification: + // + // permission javax.management.MBeanPermission + // "org.apache.derby.*#[org.apache.derby:*]", + // "registerMBean, unregisterMBean"; + // + // Trusts Derby code to be a source of MBeans and to register these + // in the MBean server: + // + // permission javax.management.MBeanTrustPermission "register"; + + // getProtectionDomain is an optional permission needed for printing + // classpath information to derby.log. Consider if this could be a + // security risk before enabling it. + // + // permission java.lang.RuntimePermission "getProtectionDomain"; + + // The following permission must be granted for + // Connection.abort(Executor) to work. Note that this permission must + // also be granted to outer (application) code domains. + // Uncomment this permission if you plan to use Connection.abort. + // + // permission java.sql.SQLPermission "callAbort"; + + // Needed by file permissions restriction system (see the + // documentation for derby.storage.useDefaultFilePermissions in the + // Reference Manual). Consider restricting the database file-level + // permissions for security. + permission java.lang.RuntimePermission "accessUserInformation"; + permission java.lang.RuntimePermission "getFileStoreAttributes"; }; grant codeBase "file:/usr/local/share/sw/derby/lib/derbynet.jar" { -// -// This permission lets the Network Server manage connections from clients -// originating from the localhost, on any port. -// + // This permission lets the Network Server manage connections from + // clients originating from the localhost, on any port. Consider the + // security implications before you open up database connections + // from other hosts. + // permission java.net.SocketPermission "localhost:0-", "accept"; + + // Needed for server tracing. + // + permission java.io.FilePermission + "/usr/local/shoppingCartApp/trace/-", "read,write,delete"; + + // Needed by file permissions restriction system: + // + permission java.lang.RuntimePermission "accessUserInformation"; + permission java.lang.RuntimePermission "getFileStoreAttributes"; + + // Mandatory if running with a customized policy file. + // + permission java.util.PropertyPermission + "derby.__serverStartedFromCmdLine", "read, write"; + + // + // JMX: Uncomment this permission to allow the ping operation of the + // NetworkServerMBean to connect to the Network Server. + // + // permission java.net.SocketPermission "*", "connect,resolve"; + + // Needed by the sysinfo tool only. You may want to remove the + // block of permissions below if you don't plan to use it. The file + // permission is needed to check the existence of jars on the + // classpath. You can limit this permission to just the locations + // which hold your jar files. + // + // This block of permissions is granted to derbynet.jar under the + // assumption that derbynet.jar is the first jar file in your + // classpath which contains the sysinfo classes. If that is not the + // case, then you will want to grant this block of permissions to + // the first jar file in your classpath which contains the sysinfo + // classes. Those classes are bundled into the following Derby jar + // files: + // + // derbynet.jar + // derby.jar + // derbyclient.jar + // derbytools.jar + // + permission java.util.PropertyPermission "user.*", "read"; + permission java.util.PropertyPermission "java.home", "read"; + permission java.util.PropertyPermission "java.class.path", "read"; + permission java.util.PropertyPermission "java.runtime.version", "read"; + permission java.util.PropertyPermission "java.fullversion", "read"; + permission java.lang.RuntimePermission "getProtectionDomain"; + permission java.io.FilePermission + "/usr/local/shoppingCartApp/jars/-", "read"; + permission java.io.FilePer mission "java.runtime.version", "read"; + permission java.io.FilePermission "java.fullversion", "read"; };

After customizing the Basic policy, you may bring up the Network Server as follows:

-java -Djava.security.manager -Djava.security.policy=/usr/local/shoppingCartApp/lib/myCustomized.policy org.apache.derby.drda.NetworkServerControl start -h localhost +java -Djava.security.manager \ +-Djava.security.policy=/usr/local/shoppingCartApp/lib/myCustomized.policy \ +org.apache.derby.drda.NetworkServerControl start -h localhost Modified: db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita (original) +++ db/derby/docs/trunk/src/devguide/cdevbabejgjd.dita Mon May 13 13:58:36 2013 @@ -44,15 +44,6 @@ in the database. individual properties set in the JVM machine's system set. If the action is denied, properties in the JVM machine's system set are ignored. - -
permission java.util.PropertyPermission "derby.storage.jvmInstanceId", -"write"
-
This property is used by Derby to prevent the accidental boot of the database -by two class loaders. If the database is booted by two class loaders, database -corruption can occur. -If write permission for this property is not granted, a message is printed -to the log file which indicates that the database -is not protected from dual boot and possible corruption.
Database access permissions
permission java.io.FilePermission "directory${/}/-", "read,write,delete"
@@ -117,6 +108,18 @@ errors and when the derby.stream.erro is set. See the documentation of this property in the for details. +
permission java.lang.RuntimePermission "accessUserInformation";
+
permission java.lang.RuntimePermission "getFileStoreAttributes";
+
These two permissions are needed when you are running with JDK 7 or higher +and when the secure file mask settings are active (that is, when +derby.storage.useDefaultFilePermissions is set to false, or when the +server has been started from the command line (in which case secure file mask +settings are active by default).
+ +
permission java.lang.RuntimePermission "getProtectionDomain";
+
This permission is needed if you want classpath information to be printed to +derby.log.
+
permission javax.management.MBeanServerPermission "createMBeanServer";
Allows to create an MBean server. If the JVM running Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita (original) +++ db/derby/docs/trunk/src/devguide/rdevcsecure871406.dita Mon May 13 13:58:36 2013 @@ -22,12 +22,12 @@ limitations under the License. Java security policy file example 1 - /* Grants permission to run and access all */ -/* databases under the system home */ -/* when it is specified by the system property */ -/* .system.home */ + /* Grants permission to run and access all */ +/* databases under the system home */ +/* when it is specified by the system property */ +/* derby.system.home */ -/* Note .system.home must be an absolute pathname */ +/* Note derby.system.home must be an absolute pathname */ grant codeBase "file://f://lib/derby.jar" { @@ -36,8 +36,6 @@ grant codeBase "file://f:/ Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita (original) +++ db/derby/docs/trunk/src/devguide/rdevcsecure871422.dita Mon May 13 13:58:36 2013 @@ -22,10 +22,9 @@ limitations under the License. Java security policy file example 2 - /* Grants permission to run and access all */ -/* databases under the system home */ -/* when it defaults to the current directory */ - + /* Grants permission to run and access all */ +/* databases under the system home */ +/* when it defaults to the current directory */ grant codeBase "file://f://lib/derby.jar" { permission java.lang.RuntimePermission "createClassLoader"; @@ -34,9 +33,6 @@ grant codeBase "file://f:/ Modified: db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita?rev=1481853&r1=1481852&r2=1481853&view=diff ============================================================================== --- db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita (original) +++ db/derby/docs/trunk/src/devguide/rdevcsecure871439.dita Mon May 13 13:58:36 2013 @@ -22,10 +22,10 @@ limitations under the License. Java security policy file example 3 - /* Grants permission to run and access a single */ -/* database (salesdb) under the system home */ + /* Grants permission to run and access a single */ +/* database (salesdb) under the system home */ -/* Note .system.home must be an absolute pathname */ +/* Note derby.system.home must be an absolute pathname */ grant codeBase "file://f://lib/derby.jar" { @@ -36,10 +36,6 @@ grant codeBase "file://f:/