db-derby-dev mailing list archives

From "Andrew McIntyre (JIRA)" <derby-...@db.apache.org>
Subject [jira] Resolved: (DERBY-622) sysinfo incorrectly requires permission on Derby jar files
Date Tue, 01 Aug 2006 05:23:17 GMT
     [ http://issues.apache.org/jira/browse/DERBY-622?page=all ]

Andrew McIntyre resolved DERBY-622.
-----------------------------------

    Resolution: Fixed

I am closing this issue as fixed. During testing, it became apparent that there were a couple
of places in sysinfo that needed privileged blocks, and these were fixed by a patch by Myrna,
which I committed with revision 390000.

However, there is now a sysinfo.policy file which grants the permissions that the description
of this issue complained should not be necessary. From the description of this issue:

...
permission java.io.FilePermission "${csinfo.codedir}${/}*", "read" 

But according to the Java security specs: 

'Note: code can always read a file from the same directory it's in (or a subdirectory of that
directory); it does not need explicit permission to do so.' 
...

This is true for classes in a directory, but for jars, FilePermission to read other jars must
be granted explicitly, which is why:

grant codeBase "${derbyTesting.codejar}/derbytools.jar" {
  permission java.io.FilePermission "${derbyTesting.codedir}${/}*", "read";
};

is granted, so that derbytools.jar can read from any other jar file (like the locale jar files)
in the directory which it is in. Similar permissions are granted to derby.jar and derbynet.jar,
depending on which jar file is first in the classpath, and thus, from which the sysinfo classes
are loaded first.

The only remaining comment I have is that, in light of the above with regard to the security
spec, and the comments attached to this issue, these lines in derbynet/sysinfo.policy seem
superfluous:

grant codeBase "${derbyTesting.codeclasses}" {
  // the following two lines shouldn't be needed
  permission java.io.FilePermission "${derbyTesting.codedir}", "read";
  permission java.io.FilePermission "${derbyTesting.codeclasses}${/}*", "read";
};

These lines were granted as part of DERBY-955, in particular see this mail: 

http://www.nabble.com/Re%3A--jira--Updated%3A-%28DERBY-955%29-Get-derbyall-on-jdk1.6-p3977396.html

and the followups. I have tested derbynet/sysinfo.properties and derbynet/sysinfo_withproperties
with JDK 1.5 on Mac OS X without the above lines and the tests passed. So, it might be desirable
to revisit granting these permissions to the sysinfo tests.

> sysinfo incorrectly requires permission on Derby jar files
> ----------------------------------------------------------
>
>                 Key: DERBY-622
>                 URL: http://issues.apache.org/jira/browse/DERBY-622
>             Project: Derby
>          Issue Type: Bug
>          Components: Security, Tools
>    Affects Versions: 10.2.0.0
>            Reporter: Daniel John Debrunner
>            Priority: Minor
>             Fix For: 10.2.0.0
>
>         Attachments: DERBY-622_step1.diff
>
>
> Running the test derbynet/sysinfo.java requires this permission in derby_tests.policy, in order to read the jar files.
> permission java.io.FilePermission "${csinfo.codedir}${/}*", "read"
> But according to the Java security specs:
> 'Note: code can always read a file from the same directory it's in (or a subdirectory of that directory); it does not need explicit permission to do so.'
> Probably means a privileged block is required when accessing the contents of the jar files in sysinfo

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
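
Added example, not part of the original message or of Derby's code: a small Java program that uses java.io.FilePermission and java.security.Permissions to show which file accesses the two grant shapes discussed above cover ("<codedir>/*" versus the bare "<codedir>"). The directory /opt/derby/lib and the jar names are constructed stand-ins for ${derbyTesting.codedir} and its contents; no security manager is installed, only the implies() logic is evaluated.

```java
import java.io.File;
import java.io.FilePermission;
import java.security.Permissions;

// Added illustration: directory and jar names are constructed sample values.
public class SysinfoGrantCheck {
    static final String SEP = File.separator;
    // Stand-in for ${derbyTesting.codedir}.
    static final String CODEDIR = SEP + "opt" + SEP + "derby" + SEP + "lib";

    // Builds the permission set of one grant block holding a single read FilePermission.
    static Permissions grantRead(String target) {
        Permissions granted = new Permissions();
        granted.add(new FilePermission(target, "read"));
        return granted;
    }

    // True if the grant covers the requested access.
    static boolean allows(Permissions granted, String path, String actions) {
        return granted.implies(new FilePermission(path, actions));
    }

    public static void main(String[] args) {
        // Same shape as the derbytools.jar grant: "<codedir>/*", "read".
        Permissions star = grantRead(CODEDIR + SEP + "*");
        // Same shape as the first questioned line: "<codedir>", "read".
        Permissions dirOnly = grantRead(CODEDIR);

        String siblingJar = CODEDIR + SEP + "derbyLocale_fr.jar";
        String nestedJar = CODEDIR + SEP + "ext" + SEP + "other.jar";
        String[][] requests = {
            {siblingJar, "read"},   // jar next to the code jar
            {siblingJar, "write"},  // action that was not granted
            {nestedJar, "read"},    // one level down: "*" is not recursive
            {CODEDIR, "read"},      // the directory entry itself
        };
        System.out.printf("%-36s %-6s %-10s %s%n", "request", "action", "codedir/*", "codedir");
        for (String[] r : requests) {
            System.out.printf("%-36s %-6s %-10b %b%n", r[0], r[1],
                    allows(star, r[0], r[1]), allows(dirOnly, r[0], r[1]));
        }
    }
}
```

The "*" grant covers only reads of files directly inside the directory, and the bare directory grant covers only the directory entry itself; reaching subdirectories would need the recursive "-" form instead.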

        
