Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 83179 invoked from network); 30 Mar 2006 19:07:56 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 30 Mar 2006 19:07:56 -0000 Received: (qmail 44566 invoked by uid 500); 30 Mar 2006 19:07:51 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 44495 invoked by uid 500); 30 Mar 2006 19:07:51 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 44226 invoked by uid 99); 30 Mar 2006 19:07:50 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Mar 2006 11:07:50 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [192.87.106.226] (HELO ajax.apache.org) (192.87.106.226) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Mar 2006 11:07:49 -0800 Received: from ajax (localhost.localdomain [127.0.0.1]) by ajax.apache.org (Postfix) with ESMTP id 781586ACB6 for ; Thu, 30 Mar 2006 20:07:28 +0100 (BST) Message-ID: <318587749.1143745648489.JavaMail.jira@ajax> Date: Thu, 30 Mar 2006 20:07:28 +0100 (BST) From: "Daniel John Debrunner (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-622) sysinfo incorrectly requires permission on Derby jar files In-Reply-To: <337640581.1129210626474.JavaMail.jira@ajax.apache.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N [ http://issues.apache.org/jira/browse/DERBY-622?page=comments#action_12372509 ] Daniel John Debrunner commented on DERBY-622: --------------------------------------------- One comment on 3) in Andrew's comment. The specified behaviour for getResourceAsStream is that it returns "null if the resource could not be found or the caller doesn't have adequate privileges to get the resource." See ClassLoader.getResource(String) > sysinfo incorrectly requires permission on Derby jar files > ---------------------------------------------------------- > > Key: DERBY-622 > URL: http://issues.apache.org/jira/browse/DERBY-622 > Project: Derby > Type: Bug > Components: Security, Tools > Versions: 10.2.0.0 > Reporter: Daniel John Debrunner > Priority: Minor > Fix For: 10.2.0.0 > Attachments: DERBY-622_step1.diff > > Running the test derbynet/sysinfo.java requires this permission in derby_tests.policy, in order to read the jar files. > permission java.io.FilePermission "${csinfo.codedir}${/}*", "read" > But according to the Java security specs: > 'Note: code can always read a file from the same directory it's in (or a subdirectory of that directory); it does not need explicit permission to do so.' > Probably means a privileged block is required when accessing the contents of the jar files in sysinfo -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira