Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 30279 invoked from network); 27 Jul 2006 10:13:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 27 Jul 2006 10:13:44 -0000 Received: (qmail 64172 invoked by uid 500); 27 Jul 2006 10:13:38 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 64143 invoked by uid 500); 27 Jul 2006 10:13:38 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 64118 invoked by uid 99); 27 Jul 2006 10:13:38 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 27 Jul 2006 03:13:38 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [209.237.227.198] (HELO brutus.apache.org) (209.237.227.198) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 27 Jul 2006 03:13:37 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 41E0D7141E3 for ; Thu, 27 Jul 2006 10:11:14 +0000 (GMT) Message-ID: <27894392.1153995074252.JavaMail.jira@brutus> Date: Thu, 27 Jul 2006 03:11:14 -0700 (PDT) From: "Andreas Korneliussen (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Updated: (DERBY-1598) unable to boot exisiting database from network server when running with security manager In-Reply-To: <12888318.1153994953862.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N [ http://issues.apache.org/jira/browse/DERBY-1598?page=all ] Andreas Korneliussen updated DERBY-1598: ---------------------------------------- Description: Myrna van Lunteren reported the following: ====Quote============ I ran into the following interesting situation with permissions granted as per derby_tests.policy, and I'm hoping someone can answer my questions: - start networkserver with derby_tests.policy as described in the remote server testing section of the java/testing/README.htm, but with -h - start an ij session, connect to the server creating a database - disconnect, exit ij, shutdown networkserver so far ok - start networkserver again just like before - start ij again just like before, connect to the same database again results in: ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: Failed to start database 'bladb', see the next exception for details.::SQLSTATE: XJ001Java exception: 'access denied (java.io.FilePermission /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): java.security.AccessControlException'. One can dis- and reconnect fine as long as the network server is up, but once it has been bounced, reconnect fails. derby.log shows no stack trace, even though the following properties are set in derby.properties in derby.system.home: derby.infolog.append=true derby.language.logStatementText=true derby.stream.error.logSeverityLevel=0 ------------------ ... 2006-07-26 23:49:38.402 GMT Thread[DRDAConnThread_3,5,main] (DATABASE = bladb), (DRDAID = {1}), Failed to start database 'bladb', see the next exception for details. 2006-07-26 23:49:38.404 GMT Thread[DRDAConnThread_3,5,main] (DATABASE = bladb), (DRDAID = {1}), Java exception: 'access denied (java.io.FilePermission /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): java.security.AccessControlException'. ---------------- The error goes away when I add the following permissions to derbynet.jar: // all databases under derby.system.home permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete"; ====End Quote ============ I have reproduced this problem manually. After adding some tracing calls in ..drda.Database.makeConnection() I got this stack trace: java.sql.SQLException: Failed to start database '/export/home/tmp/devel/derbydev/testing/testdb', see the next exception for details. at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:44) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:88) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:94) at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:173) at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:1955) at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1619) at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) NEXT Exception follows java.security.AccessControlException: access denied (java.io.FilePermission /export/home/tmp/devel/derbydev/testing/testdb/log/logmirror.ctrl read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269) at java.security.AccessController.checkPermission(AccessController.java:401) at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) at java.lang.SecurityManager.checkRead(SecurityManager.java:863) at java.io.File.exists(File.java:678) at org.apache.derby.impl.store.raw.log.LogToFile.boot(LogToFile.java:2987) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.bootLogFactory(BaseDataFileFactory.java:1761) at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.setRawStoreFactory(BaseDataFileFactory.java:1217) at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:373) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:987) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:738) at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:178) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1831) at org.apache.derby.impl.services.monitor.BaseMonitor.startProviderService(BaseMonitor.java:1697) at org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(BaseMonitor.java:1577) at org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(BaseMonitor.java:990) at org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Monitor.java:541) at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1602) at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) It seems like the method org.apache.derby.impl.store.raw.log.LogToFile.boot calls File.exists() directly, instead of doing it in a privileged block. So, a fix could possibly be to use privExists(..) as below: Index: LogToFile.java =================================================================== --- LogToFile.java (revision 425403) +++ LogToFile.java (working copy) @@ -2985,7 +2985,7 @@ } if (checkpointInstant == LogCounter.INVALID_LOG_INSTANT && - getMirrorControlFileName().exists()) + privExists(getMirrorControlFileName())) { checkpointInstant = readControlFile( I have tested that running with this, I did not get the security exception. However, I have not run any other tests on the proposed patch. was: Myrna van Lunteren reported the following: I ran into the following interesting situation with permissions granted as per derby_tests.policy, and I'm hoping someone can answer my questions: - start networkserver with derby_tests.policy as described in the remote server testing section of the java/testing/README.htm, but with -h - start an ij session, connect to the server creating a database - disconnect, exit ij, shutdown networkserver so far ok - start networkserver again just like before - start ij again just like before, connect to the same database again results in: ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: Failed to start database 'bladb', see the next exception for details.::SQLSTATE: XJ001Java exception: 'access denied (java.io.FilePermission /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): java.security.AccessControlException'. One can dis- and reconnect fine as long as the network server is up, but once it has been bounced, reconnect fails. derby.log shows no stack trace, even though the following properties are set in derby.properties in derby.system.home: derby.infolog.append=true derby.language.logStatementText=true derby.stream.error.logSeverityLevel=0 ------------------ ... 2006-07-26 23:49:38.402 GMT Thread[DRDAConnThread_3,5,main] (DATABASE = bladb), (DRDAID = {1}), Failed to start database 'bladb', see the next exception for details. 2006-07-26 23:49:38.404 GMT Thread[DRDAConnThread_3,5,main] (DATABASE = bladb), (DRDAID = {1}), Java exception: 'access denied (java.io.FilePermission /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): java.security.AccessControlException'. ---------------- The error goes away when I add the following permissions to derbynet.jar: // all databases under derby.system.home permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete"; I have reproduced this problem manually. After adding some tracing calls in ..drda.Database.makeConnection() I got this stack trace: java.sql.SQLException: Failed to start database '/export/home/tmp/devel/derbydev/testing/testdb', see the next exception for details. at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:44) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:88) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:94) at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:173) at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:1955) at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1619) at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) NEXT Exception follows java.security.AccessControlException: access denied (java.io.FilePermission /export/home/tmp/devel/derbydev/testing/testdb/log/logmirror.ctrl read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269) at java.security.AccessController.checkPermission(AccessController.java:401) at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) at java.lang.SecurityManager.checkRead(SecurityManager.java:863) at java.io.File.exists(File.java:678) at org.apache.derby.impl.store.raw.log.LogToFile.boot(LogToFile.java:2987) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.bootLogFactory(BaseDataFileFactory.java:1761) at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.setRawStoreFactory(BaseDataFileFactory.java:1217) at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:373) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:987) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:738) at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:178) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1831) at org.apache.derby.impl.services.monitor.BaseMonitor.startProviderService(BaseMonitor.java:1697) at org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(BaseMonitor.java:1577) at org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(BaseMonitor.java:990) at org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Monitor.java:541) at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1602) at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) It seems like the method org.apache.derby.impl.store.raw.log.LogToFile.boot calls File.exists() directly, instead of doing it in a privileged block. So, a fix could possibly be to use privExists(..) as below: Index: LogToFile.java =================================================================== --- LogToFile.java (revision 425403) +++ LogToFile.java (working copy) @@ -2985,7 +2985,7 @@ } if (checkpointInstant == LogCounter.INVALID_LOG_INSTANT && - getMirrorControlFileName().exists()) + privExists(getMirrorControlFileName())) { checkpointInstant = readControlFile( I have tested that running with this, I did not get the security exception. However, I have not run any other tests on the proposed patch. > unable to boot exisiting database from network server when running with security manager > ---------------------------------------------------------------------------------------- > > Key: DERBY-1598 > URL: http://issues.apache.org/jira/browse/DERBY-1598 > Project: Derby > Issue Type: Bug > Components: Store > Affects Versions: 10.2.0.0 > Reporter: Andreas Korneliussen > Priority: Blocker > > Myrna van Lunteren reported the following: > ====Quote============ > I ran into the following interesting situation with permissions > granted as per derby_tests.policy, and I'm hoping someone can answer > my questions: > - start networkserver with derby_tests.policy as described in the > remote server testing section of the java/testing/README.htm, but with > -h > - start an ij session, connect to the server creating a database > - disconnect, exit ij, shutdown networkserver > so far ok > - start networkserver again just like before > - start ij again just like before, connect to the same database again > results in: > ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: > Failed to start database 'bladb', see the next exception for > details.::SQLSTATE: XJ001Java exception: 'access denied > (java.io.FilePermission > /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): > java.security.AccessControlException'. > One can dis- and reconnect fine as long as the network server is up, > but once it has been bounced, reconnect fails. > derby.log shows no stack trace, even though the following properties > are set in derby.properties in derby.system.home: > derby.infolog.append=true > derby.language.logStatementText=true > derby.stream.error.logSeverityLevel=0 > ------------------ > ... > 2006-07-26 23:49:38.402 GMT Thread[DRDAConnThread_3,5,main] (DATABASE > = bladb), (DRDAID = {1}), Failed to start database 'bladb', see the > next exception for details. > 2006-07-26 23:49:38.404 GMT Thread[DRDAConnThread_3,5,main] (DATABASE > = bladb), (DRDAID = {1}), Java exception: 'access denied > (java.io.FilePermission > /home/myrna/tsttmp5/srv/bladb/log/logmirror.ctrl read): > java.security.AccessControlException'. > ---------------- > The error goes away when I add the following permissions to derbynet.jar: > // all databases under derby.system.home > permission java.io.FilePermission "${derby.system.home}${/}-", > "read, write, delete"; > ====End Quote ============ > I have reproduced this problem manually. After adding some tracing calls in ..drda.Database.makeConnection() I got this stack trace: > java.sql.SQLException: Failed to start database '/export/home/tmp/devel/derbydev/testing/testdb', see the next exception for details. > at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:44) > at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:88) > at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:94) > at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:173) > at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:1955) > at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1619) > at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) > at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) > at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) > at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) > at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) > at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) > at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) > at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) > at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) > at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) > at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) > at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) > NEXT Exception follows > java.security.AccessControlException: access denied (java.io.FilePermission /export/home/tmp/devel/derbydev/testing/testdb/log/logmirror.ctrl read) > at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269) > at java.security.AccessController.checkPermission(AccessController.java:401) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) > at java.lang.SecurityManager.checkRead(SecurityManager.java:863) > at java.io.File.exists(File.java:678) > at org.apache.derby.impl.store.raw.log.LogToFile.boot(LogToFile.java:2987) > at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) > at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) > at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) > at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) > at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.bootLogFactory(BaseDataFileFactory.java:1761) > at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.setRawStoreFactory(BaseDataFileFactory.java:1217) > at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:373) > at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) > at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) > at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) > at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) > at org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:987) > at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) > at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) > at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542) > at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418) > at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:738) > at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:178) > at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996) > at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290) > at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1831) > at org.apache.derby.impl.services.monitor.BaseMonitor.startProviderService(BaseMonitor.java:1697) > at org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(BaseMonitor.java:1577) > at org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(BaseMonitor.java:990) > at org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Monitor.java:541) > at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1602) > at org.apache.derby.impl.jdbc.EmbedConnection.(EmbedConnection.java:216) > at org.apache.derby.impl.jdbc.EmbedConnection30.(EmbedConnection30.java:72) > at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:73) > at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:209) > at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:116) > at org.apache.derby.impl.drda.Database.makeConnection(Database.java:232) > at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1191) > at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1169) > at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2758) > at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:1031) > at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:874) > at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:254) > It seems like the method org.apache.derby.impl.store.raw.log.LogToFile.boot calls File.exists() directly, instead of doing it in a privileged block. > So, a fix could possibly be to use privExists(..) as below: > Index: LogToFile.java > =================================================================== > --- LogToFile.java (revision 425403) > +++ LogToFile.java (working copy) > @@ -2985,7 +2985,7 @@ > } > > if (checkpointInstant == LogCounter.INVALID_LOG_INSTANT && > - getMirrorControlFileName().exists()) > + privExists(getMirrorControlFileName())) > { > checkpointInstant = > readControlFile( > I have tested that running with this, I did not get the security exception. However, I have not run any other tests on the proposed patch. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira