Return-Path: X-Original-To: apmail-db-derby-commits-archive@www.apache.org Delivered-To: apmail-db-derby-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D6008DBB1 for ; Thu, 16 May 2013 18:21:05 +0000 (UTC) Received: (qmail 53155 invoked by uid 500); 16 May 2013 18:21:05 -0000 Delivered-To: apmail-db-derby-commits-archive@db.apache.org Received: (qmail 53091 invoked by uid 500); 16 May 2013 18:21:05 -0000 Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: "Derby Development" List-Id: Delivered-To: mailing list derby-commits@db.apache.org Received: (qmail 53083 invoked by uid 99); 16 May 2013 18:21:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 16 May 2013 18:21:05 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 16 May 2013 18:21:03 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 9A28523888E3; Thu, 16 May 2013 18:20:43 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1483488 - in /db/derby/docs/trunk/src/adminguide: tadminnetservbasic.dita tadminnetservcustom.dita Date: Thu, 16 May 2013 18:20:43 -0000 To: derby-commits@db.apache.org From: chaase3@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130516182043.9A28523888E3@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: chaase3 Date: Thu May 16 18:20:43 2013 New Revision: 1483488 URL: http://svn.apache.org/r1483488 Log: DERBY-6160 Fixes needed to documentation topics on security policy permissions Formatting fixes to 2 Admin Guide topics. Patch: DERBY-6160-5.diff Modified: db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita Modified: db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita?rev=1483488&r1=1483487&r2=1483488&view=diff ============================================================================== --- db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita (original) +++ db/derby/docs/trunk/src/adminguide/tadminnetservbasic.dita Thu May 16 18:20:43 2013 @@ -69,6 +69,7 @@ grant codeBase "${derby.install.url}derb // The next two properties are used to determine if the VM is 32 or 64 // bit. + // permission java.util.PropertyPermission "sun.arch.data.model", "read"; permission java.util.PropertyPermission "os.arch", "read"; @@ -93,9 +94,7 @@ grant codeBase "${derby.install.url}derb permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; - // Permissions needed for JMX based management and monitoring, which is - // only available for JVMs supporting "platform management", that is - // Java SE 5.0 or better. + // Permissions needed for JMX based management and monitoring. // // Allows this code to create an MBeanServer: // @@ -120,6 +119,7 @@ grant codeBase "${derby.install.url}derb // getProtectionDomain is an optional permission needed for printing // classpath information to derby.log + // permission java.lang.RuntimePermission "getProtectionDomain"; // The following permission must be granted for @@ -129,6 +129,7 @@ grant codeBase "${derby.install.url}derb permission java.sql.SQLPermission "callAbort"; // Needed by file permissions restriction system: + // permission java.lang.RuntimePermission "accessUserInformation"; permission java.lang.RuntimePermission "getFileStoreAttributes"; }; @@ -145,6 +146,7 @@ grant codeBase "${derby.install.url}derb // or via the property derby.drda.host; the default is localhost. // You may want to restrict allowed hosts, e.g. to hosts in a specific // subdomain, e.g. "*.example.com". + // permission java.net.SocketPermission "*", "accept"; // Needed for server tracing. @@ -161,6 +163,7 @@ grant codeBase "${derby.install.url}derb // JMX: Uncomment this permission to allow the ping operation of the // NetworkServerMBean to connect to the Network Server. + // //permission java.net.SocketPermission "*", "connect,resolve"; // Needed by sysinfo. The file permission is needed to Modified: db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita?rev=1483488&r1=1483487&r2=1483488&view=diff ============================================================================== --- db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita (original) +++ db/derby/docs/trunk/src/adminguide/tadminnetservcustom.dita Thu May 16 18:20:43 2013 @@ -162,6 +162,7 @@ grant codeBase "file:/usr/local/share/sw // documentation for derby.storage.useDefaultFilePermissions in the // Reference Manual). Consider restricting the database file-level // permissions for security. + // permission java.lang.RuntimePermission "accessUserInformation"; permission java.lang.RuntimePermission "getFileStoreAttributes"; };