db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-709) SecurityException thrown when passing a relative path name when backing up database
Date Wed, 16 Nov 2005 02:09:30 GMT
    [ http://issues.apache.org/jira/browse/DERBY-709?page=comments#action_12357751 ] 

Daniel John Debrunner commented on DERBY-709:

Adding tests for absolute paths with backup would be good as well. Could use a Java function
to create a absolute path from a relative name. In that case the code for the function would
be in derby.jar whick can be granted permissions to read user.dir.



Maybe such tests exist already.

> SecurityException thrown when passing a relative path name when backing up database
> -----------------------------------------------------------------------------------
>          Key: DERBY-709
>          URL: http://issues.apache.org/jira/browse/DERBY-709
>      Project: Derby
>         Type: Bug
>   Components: Store, Security
>     Versions:,,
>     Reporter: Daniel John Debrunner
>     Priority: Minor

> ERROR 38000: The exception 'java.security.AccessControlException: access denied
> (java.util.PropertyPermission user.dir read)' was thrown while evaluating an exp
> ression)
> Can be seen in the store/encryptionKey.sql test, modify the _app.properties file to enable
the security manager.
> Due to logging messages using File.getCanonicalPath in RawStore.java, lines 675 and 686.
> Possible solutions:
>   - use a privileged block and required user.dir permission granted to user.dir to backup
to a relative directory
>   - use a privileged block,if a security exception is thrown then just display the relative
name, otherwise display the full name. This would allow backups to succeed without requiring
granting additional permissions to derby.jar
>   - just log the relative path

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message