db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1627854 - in /db/derby/docs/trunk/src: security/csecembeddedperms.dita security/rsecnetservbasic.dita security/rsecpolicysample.dita tools/rtoolsoptlucenesecman.dita
Date Fri, 26 Sep 2014 18:24:19 GMT
Author: rhillegas
Date: Fri Sep 26 18:24:19 2014
New Revision: 1627854

URL: http://svn.apache.org/r1627854
Log:
DERBY-6744: Document that derbynet.jar and derbyoptionaltools.jar both need the usederbyinternals
permission; commit derby-6744-02-aa-derbynet-and-derbyoptionaltools.diff.

Modified:
    db/derby/docs/trunk/src/security/csecembeddedperms.dita
    db/derby/docs/trunk/src/security/rsecnetservbasic.dita
    db/derby/docs/trunk/src/security/rsecpolicysample.dita
    db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita

Modified: db/derby/docs/trunk/src/security/csecembeddedperms.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecembeddedperms.dita?rev=1627854&r1=1627853&r2=1627854&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecembeddedperms.dita (original)
+++ db/derby/docs/trunk/src/security/csecembeddedperms.dita Fri Sep 26 18:24:19 2014
@@ -36,18 +36,25 @@ Server requires additional permissions a
 <p>These permissions are listed approximately in the order shown in <xref
 href="rsecpolicysample.dita"/>. Some of the optional permissions are not
 included in <xref href="rsecpolicysample.dita"/>.</p>
-<section><title>Mandatory permissions</title><dl><dlentry>
+<section><title>Mandatory permissions</title><dl>
+<dlentry>
 <dt>permission java.lang.RuntimePermission "createClassLoader"</dt>
 <dd>Mandatory. It allows
 <ph conref="../conrefs.dita#prod/productshortname"></ph> to execute SQL queries
 and supports loading class files from jar files stored in the database.</dd>
-</dlentry><dlentry>
+</dlentry>
+<dlentry>
+<dt>permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals"</dt>
+<dd>Mandatory. It allows <ph conref="../conrefs.dita#prod/productshortname"></ph>
to access sensitive structures which application code should not touch.</dd>
+</dlentry>
+<dlentry>
 <dt>permission java.util.PropertyPermission "derby.*", "read"</dt>
 <dd>Allows <ph conref="../conrefs.dita#prod/productshortname"></ph> to
read
 individual <ph conref="../conrefs.dita#prod/productshortname"></ph> properties
 set in the JVM system properties. If the action is denied, the properties set in
 the JVM system properties are ignored.</dd>
-</dlentry></dl></section>
+</dlentry>
+</dl></section>
 <section><title>Optional permissions</title><dl><dlentry>
 <dt>permission java.util.PropertyPermission "user.dir", "read"</dt>
 <dd>Permits access to the system directory value if

Modified: db/derby/docs/trunk/src/security/rsecnetservbasic.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/rsecnetservbasic.dita?rev=1627854&r1=1627853&r2=1627854&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/rsecnetservbasic.dita (original)
+++ db/derby/docs/trunk/src/security/rsecnetservbasic.dita Fri Sep 26 18:24:19 2014
@@ -153,6 +153,9 @@ grant codeBase "${derby.install.url}derb
   permission java.util.PropertyPermission 
       "derby.__serverStartedFromCmdLine", "read, write";
 
+  // Needed to boot MBeans
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
+
   // JMX: Uncomment this permission to allow the ping operation of the 
   //      NetworkServerMBean to connect to the Network Server.
   //

Modified: db/derby/docs/trunk/src/security/rsecpolicysample.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/rsecpolicysample.dita?rev=1627854&r1=1627853&r2=1627854&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/rsecpolicysample.dita (original)
+++ db/derby/docs/trunk/src/security/rsecpolicysample.dita Fri Sep 26 18:24:19 2014
@@ -147,7 +147,8 @@ grant codeBase "file:///Users/me/javadb/
   permission java.util.PropertyPermission 
       "derby.__serverStartedFromCmdLine", "read, write";
 
-  //
+  // JMX: Needed to boot MBeans
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
   // JMX: Uncomment this permission to allow the ping operation of the 
   //      NetworkServerMBean to connect to the Network Server.
   //permission java.net.SocketPermission "*", "connect,resolve";

Modified: db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita?rev=1627854&r1=1627853&r2=1627854&view=diff
==============================================================================
--- db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita (original)
+++ db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita Fri Sep 26 18:24:19 2014
@@ -37,6 +37,7 @@ files.</shortdesc>
 grant codeBase "${derby.install.url}derbyoptionaltools.jar"
 {
   permission java.util.PropertyPermission "derby.system.home", "read";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
 
   // all databases under derby.system.home 
   permission java.io.FilePermission



Mime
View raw message