db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-560) Provide finer grained security for connection attributes in Derby
Date Fri, 09 Sep 2005 17:00:31 GMT
    [ http://issues.apache.org/jira/browse/DERBY-560?page=comments#action_12323060 ] 

Daniel John Debrunner commented on DERBY-560:
---------------------------------------------

For create databases I think Derby should at least match the shutdown system behaviour. For
shutdown (jdbc:derby:;shutdown=true' the connection request  must pass system authentication
(if enabled). Logically create database should follow the same authentication check.

> Provide finer grained security for connection attributes in Derby
> -----------------------------------------------------------------
>
>          Key: DERBY-560
>          URL: http://issues.apache.org/jira/browse/DERBY-560
>      Project: Derby
>         Type: Improvement
>   Components: JDBC
>     Versions: 10.2.0.0
>     Reporter: Kathey Marsden

>
> Currently if authentication is enabled in Derby,  anyone who has access to a database
can connect with any attributes.  This makes sense as that is currently the only barrier to
access to  a Derby database.
> With talk of adding GRANT/REVOKE to provide finer grained access, consideration should
be given to also providing finer grained access to connection attributes, especially for Network
Server.  Giving any user that can access the system permission to shutdown and create databases
at will could be an issue.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message