db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-623) Derby monitor accesses two system properties without using a privileged block when built sane=true
Date Thu, 09 Mar 2006 18:51:39 GMT
    [ http://issues.apache.org/jira/browse/DERBY-623?page=comments#action_12369713 ] 

Daniel John Debrunner commented on DERBY-623:

It seems out of scope to me because the summary talks about reading two specific properties,
listed in the description, and the description talks about using existing code with existing
privilege blocks.

Your code addresses reading all system properties and adds a new privilege block, doesn't
seem to overlap in my mind.

I think the patch is fine and can go into the trunk, but say I wanted to merge this up to
10.1 branch, I would be more comfortable merging just the specific fix rather than this additional
change that can change the behaviour.

> Derby monitor accesses two system properties without using a privileged block when built
> --------------------------------------------------------------------------------------------------
>          Key: DERBY-623
>          URL: http://issues.apache.org/jira/browse/DERBY-623
>      Project: Derby
>         Type: Bug
>   Components: Services
>     Versions:
>     Reporter: Daniel John Debrunner
>     Assignee: Kristian Waagan
>     Priority: Minor
>  Attachments: DERBY-623-1a.diff, DERBY-623-1a.stat, DERBY-623-2b-javadoc.diff, DERBY-623-2b-javadoc.stat
> When built with sane=true and testing with the jars these permissions are required to
be granted all the way up the stack, currently this means for the tests granting them to the
network server jar.
>   permission java.util.PropertyPermission "derby.monitor.verbose", "read";
>   permission java.util.PropertyPermission "derby.debug.*", "read";
> The engine contains code to read system properties using privileged blocks, this should
be used by the monitor.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message