db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-622) sysinfo incorrectly requires permission on Derby jar files
Date Thu, 30 Mar 2006 19:07:28 GMT
    [ http://issues.apache.org/jira/browse/DERBY-622?page=comments#action_12372509 ] 

Daniel John Debrunner commented on DERBY-622:
---------------------------------------------

One comment on 3) in Andrew's comment. The specified behaviour for getResourceAsStream is
that it returns  "null if the resource could not be found or the caller doesn't have adequate
privileges to get the resource."

See ClassLoader.getResource(String)

> sysinfo incorrectly requires permission on Derby jar files
> ----------------------------------------------------------
>
>          Key: DERBY-622
>          URL: http://issues.apache.org/jira/browse/DERBY-622
>      Project: Derby
>         Type: Bug
>   Components: Security, Tools
>     Versions: 10.2.0.0
>     Reporter: Daniel John Debrunner
>     Priority: Minor
>      Fix For: 10.2.0.0
>  Attachments: DERBY-622_step1.diff
>
> Running the test derbynet/sysinfo.java requires this permission in derby_tests.policy,
in order to read the jar files.
> permission java.io.FilePermission "${csinfo.codedir}${/}*", "read"
> But according to the Java security specs:
> 'Note: code can always read a file from the same directory it's in (or a subdirectory
of that directory); it does not need explicit permission to do so.'
> Probably means a privileged block is required when accessing the contents of the jar
files in sysinfo

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message