db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Created: (DERBY-2196) Run standalone network server with security manager by default
Date Tue, 19 Dec 2006 18:45:20 GMT
Run standalone network server with security manager by default

                 Key: DERBY-2196
                 URL: http://issues.apache.org/jira/browse/DERBY-2196
             Project: Derby
          Issue Type: Improvement
          Components: Network Server, Security
            Reporter: Daniel John Debrunner

>From an e-mail discussion:
... Derby should match the security  provided by typical client server systems such as DB2,
Oracle, etc. I 
think in this case system/database owners are trusting the database 
system to ensure that their system cannot be attacked. So maybe if Derby 
is booted as a standalone server with no security manager involved, it 
should install one with a default security policy. Thus allowing Derby 
to use Java security manager to manage system privileges but not 
requiring everyone to become familiar with them.


I imagine such a policy would allow any access to databases under derby.system.home and/or
By standalone I mean the network server was started though the main() method (command line).

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message