db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew McIntyre (JIRA)" <derby-...@db.apache.org>
Subject [jira] Updated: (DERBY-1273) Sysinfo should print a better message when it gets Security Exceptions accessing classpath info when run under security manager
Date Wed, 09 Aug 2006 06:50:14 GMT
     [ http://issues.apache.org/jira/browse/DERBY-1273?page=all ]

Andrew McIntyre updated DERBY-1273:
-----------------------------------

    Assignee:     (was: Andrew McIntyre)

After examining the behavior with and without the patch I currently have attached to this
issue, I believe that the current behavior, without this patch, is desirable. With the patch,
there is no output at all which indicates that the JCC driver could not be accessed, regardless
of the permissions granted to sysinfo, and it appears that with the patch, there occurs some
unwanted behavior with the -cp options to sysinfo where some output which previously reported
useful security exceptions will fail silently and report success at the end.

I believe that the release note attached to DERBY-688 covers the problem reported with this
issue. I would appreciate it if the reporter could close this issue if they agree with that
assessment.

> Sysinfo should print a better  message when it gets Security Exceptions accessing classpath
info when run under security manager
> --------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1273
>                 URL: http://issues.apache.org/jira/browse/DERBY-1273
>             Project: Derby
>          Issue Type: Improvement
>          Components: Tools
>    Affects Versions: 10.2.0.0
>            Reporter: Kathey Marsden
>            Priority: Minor
>             Fix For: 10.2.0.0
>
>         Attachments: derby-1273-v2.diff, DERBY-1273.diff
>
>
> If sysinfo does not have getProtectionDomain privileges it cannot get some information
during classpath handling.  
> When this occurs it prints   Java Security Exceptions in the output e.g.
> JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
> [C:\bryan\src\derby\main\trunk\jars\sane\derby.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbytools.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbynet.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbyclient.jar] 10.2.0.0 alpha - (398049M)
> [Unable to access Protection Domain or Code Source for class class com.ibm.db2.jcc.DB2Driver:
access denied (java.lang.RuntimePermission getProtectionDomain)] 2.4 - (17)
> [C:\bryan\src\derby\main\trunk\jars\sane\db2jcc_license_c.jar] 2.4 - (17)
> [Java Security Exception: access denied (java.io.FilePermission c:\bryan\src\derby\main\trunk\tools\java\jakarta-oro-2.0.8.jar
read)] 
> [Java Security Exception: access denied (java.io.FilePermission c:\bryan\src\derby\main\trunk\tools\java\junit.jar
read)] 
> See DERBY-1229 notes.html for a complete explanation of the output.
> I am actually not sure what information is actually missing from sysinfo in this case
but  I  think it would be better if sysinfo just printed the classpath  and then printed a
generic warning with the information that it was not able to report rather than printing the
Security exceptions explicitly.
> This would be especially helpful for NetworkServerControl sysinfo because users are always
encouraged to run network server in security manager.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message