db-derby-dev mailing list archives

From "Jean T. Anderson (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-701) Java 2 security policy file examples don't work -- are missing a needed line
Date Fri, 16 Dec 2005 01:32:45 GMT
    [ http://issues.apache.org/jira/browse/DERBY-701?page=comments#action_12360550 ] 

Jean T. Anderson commented on DERBY-701:
----------------------------------------

Here's a tested policy file for the example in http://db.apache.org/derby/docs/dev/adminguide/tadminnetservrun.html.

(1) nsrv.policy file:

//Recommended set of permissions to start and use the Network Server,
//assuming the 'd:/derby/lib' directory has been secured. 
//Fine tune based on your environment settings
grant codeBase "file:d:/derby/lib/-" {
permission java.io.FilePermission "${derby.system.home}", "read";
permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";
permission java.util.PropertyPermission "derby.*", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.lang.RuntimePermission "createClassLoader";
permission java.net.SocketPermission "localhost", "accept";
};

//Required set of permissions to stop the Network Server, assuming you have
// secured the 'd:/derby/lib' directory
//Remember to fine tune this as per your environment.
grant codeBase "file:d:/derby/lib/-"  {
//Following is required when server is started with "-h localhost" 
//or without the -h option
permission java.net.SocketPermission "localhost", "accept, connect,resolve";
permission java.net.SocketPermission "127.0.0.1", "accept, connect,resolve";
//The following is only required if the server is started with the -h <host> 
//option (else shutdown access will be denied).
permission java.net.SocketPermission "localhost:*", "accept, connect,resolve";
};


(2) Start the network server using this policy file:

 java -Djava.security.manager -Djava.security.policy=d:/nsrv.policy org.apache.derby.drda.NetworkServerControl start

(3) Here's a simple example that shows how the policy restricts where users can create a new database.

The user can create a database in the default derby system home:

   ij> connect 'jdbc:derby://localhost:1527/MyDbTest;create=true';

The user is prevented from creating a database in another location:

   ij> connect 'jdbc:derby://localhost:1527//BadTst;create=true';
   ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: Failed to start database '/BadTst', see the next exception for details.::SQLSTATE: XJ001Java exception: 'access denied (java.io.FilePermission C:\BadTst\service.properties read): java.security.AccessControlException'.




> Java 2 security policy file examples don't work -- are missing a needed line
> ----------------------------------------------------------------------------
>
>          Key: DERBY-701
>          URL: http://issues.apache.org/jira/browse/DERBY-701
>      Project: Derby
>         Type: Bug
>   Components: Documentation
>     Versions: 10.1.1.1
>     Reporter: Jean T. Anderson
>     Priority: Minor

>
> These security policy file examples don't work as is:
>    http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871406.html
>    http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871422.html
>    http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871439.html
> Each example needs this additional line:
>    permission java.io.FilePermission "${derby.system.home}","read";
> The email thread is here:
> http://mail-archives.apache.org/mod_mbox/db-derby-user/200511.mbox/%3c43704594.2090704@debrunners.com%3e
> To show one of the examples, here is the current text for Example 1:
> grant codeBase "file://f:/derby/lib/derby.jar" {
>   permission java.lang.RuntimePermission "createClassLoader";
>   permission java.util.PropertyPermission "derby.*", "read";
>   permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete";
> };
> It needs to be this instead:
> grant codeBase "file://f:/derby/lib/derby.jar" {
>    permission java.lang.RuntimePermission "createClassLoader";
>    permission java.util.PropertyPermission "derby.*", "read";
>    permission java.io.FilePermission "${derby.system.home}","read";
>    permission java.io.FilePermission "${derby.system.home}${/}-","read,write,delete";
> };

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

