db-derby-dev mailing list archives

From Oystein Grovlen - Sun Norway <Oystein.Grov...@Sun.COM>
Subject Re: [jira] Commented: (DERBY-2109) System privileges
Date Fri, 15 Dec 2006 08:40:45 GMT
Rick Hillegas wrote:

 > It seems to me a sysadmin needs our system privileges because she wants
 > to prevent malicious shutdown (shutdownEngine privilege) and resource
 > hogging (createDatabase privilege). I suspect that she also wants to
 > control malicious shutdown via unauthorized calls to System.exit() and
 > resource hogging via unauthorized use of java.io classes. For instance,
 > she needs to prevent the following:

A lot of systems will not have any externally installed java code, and
will not consider your case to be an issue.  For many such systems,
the main concern is not malicious users, but things happening by
accident.  Examples:

   - Someone uses the default (or mistypes) port number and shuts down
     the wrong engine.
   - Someone ports an embedded application to client/server and does not
     remove the shutdown call.

For systems in this category, using policy files seems like an
unnecessary overhead.

-- 
Øystein
