db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristian Waagan (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-623) Derby monitor accesses two system properties without using a privileged block when built sane=true
Date Wed, 08 Mar 2006 22:44:39 GMT
    [ http://issues.apache.org/jira/browse/DERBY-623?page=comments#action_12369559 ] 

Kristian Waagan commented on DERBY-623:
---------------------------------------

By looking at the description of the bug, I really can't see that the changes I implemented
are outside the scope of the bug:
"The engine contains code to read system properties using privileged blocks, this should be
used by the monitor."

About the only thing changed by patch 'DERBY-623-1a.diff' is that the properties (including
'System.getProperties()') that was previously read outside a privileged block is now read
inside one.
I take your previous comment was related to the parts of the code that use the result of 'System.getProperties()',
and removing this should be easy enough for someone that knows the code a little. Based on
the comments in the method 'runWithState', I think I'll step down since I don't know the story
of the unit tests and the overall function of BaseMonitor.

In my opinion, your previous comment points in the direction of a new Jira issue.
That said, discarding the current patch and implementing the changes you talk about as part
of this issue is fine with me - but for the reason mentioned above this is not my itch.

> Derby monitor accesses two system properties without using a privileged block when built
sane=true
> --------------------------------------------------------------------------------------------------
>
>          Key: DERBY-623
>          URL: http://issues.apache.org/jira/browse/DERBY-623
>      Project: Derby
>         Type: Bug
>   Components: Services
>     Versions: 10.2.0.0
>     Reporter: Daniel John Debrunner
>     Assignee: Kristian Waagan
>     Priority: Minor
>  Attachments: DERBY-623-1a.diff, DERBY-623-1a.stat, DERBY-623-2b-javadoc.diff, DERBY-623-2b-javadoc.stat
>
> When built with sane=true and testing with the jars these permissions are required to
be granted all the way up the stack, currently this means for the tests granting them to the
network server jar.
>   permission java.util.PropertyPermission "derby.monitor.verbose", "read";
>   permission java.util.PropertyPermission "derby.debug.*", "read";
> The engine contains code to read system properties using privileged blocks, this should
be used by the monitor.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message