db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suresh Thalamati (JIRA)" <derby-...@db.apache.org>
Subject [jira] Updated: (DERBY-709) SecurityException thrown when passing a relative path name when backing up database
Date Tue, 28 Feb 2006 20:45:42 GMT
     [ http://issues.apache.org/jira/browse/DERBY-709?page=all ]

Suresh Thalamati updated DERBY-709:

    Attachment: derby-709_latest.diff

This pach (derby-709_latest.diff)  fixes the  problems appreared with earlier patch when tests
are run againest JARS. 

--- correctly catch the Security Exception  when  there is no permission to get a canonical
---  Modified the deryb_tests.plocy to allow deltes in  ${user.dir}${/}extinout${/}-    .,

      It is needed because , backup tests deletes the old copy of the backup  at the backup
---  set noSecurityManager = true for the tests that can not  be run under security manager
due to bug : 1066
---  changes st_1   properties to use external  tests dirs ,  so  that  tests does not required
 "user.dir" permission to create 
     parent  directories for the backup paths. 

TESTS:  storeall, encryptionAll passed.  on Jdk142/WindowsXP;   

It would be great if  some one can review and commit this patch. 


> SecurityException thrown when passing a relative path name when backing up database
> -----------------------------------------------------------------------------------
>          Key: DERBY-709
>          URL: http://issues.apache.org/jira/browse/DERBY-709
>      Project: Derby
>         Type: Bug
>   Components: Store, Security
>     Versions:,,
>     Reporter: Daniel John Debrunner
>     Assignee: Suresh Thalamati
>     Priority: Minor
>  Attachments: derby-709.diff, derby-709_latest.diff
> ERROR 38000: The exception 'java.security.AccessControlException: access denied
> (java.util.PropertyPermission user.dir read)' was thrown while evaluating an exp
> ression)
> Can be seen in the store/encryptionKey.sql test, modify the _app.properties file to enable
the security manager.
> Due to logging messages using File.getCanonicalPath in RawStore.java, lines 675 and 686.
> Possible solutions:
>   - use a privileged block and required user.dir permission granted to user.dir to backup
to a relative directory
>   - use a privileged block,if a security exception is thrown then just display the relative
name, otherwise display the full name. This would allow backups to succeed without requiring
granting additional permissions to derby.jar
>   - just log the relative path

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message