db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <derby-...@db.apache.org>
Subject [jira] Created: (DERBY-560) Provide finer grained security for connection attributes in Derby
Date Fri, 09 Sep 2005 16:53:43 GMT
Provide finer grained security for connection attributes in Derby
-----------------------------------------------------------------

         Key: DERBY-560
         URL: http://issues.apache.org/jira/browse/DERBY-560
     Project: Derby
        Type: Improvement
  Components: JDBC  
    Versions: 10.2.0.0    
    Reporter: Kathey Marsden


Currently if authentication is enabled in Derby,  anyone who has access to a database can
connect with any attributes.  This makes sense as that is currently the only barrier to access
to  a Derby database.

With talk of adding GRANT/REVOKE to provide finer grained access, consideration should be
given to also providing finer grained access to connection attributes, especially for Network
Server.  Giving any user that can access the system permission to shutdown and create databases
at will could be an issue.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message