db-derby-dev mailing list archives

From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2206) Provide complete security model for Java routines
Date Mon, 22 Jan 2007 21:35:30 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12466573 ]

Rick Hillegas commented on DERBY-2206:

Here's another crack at this:

1) The default behavior for Derby is the current behavior with all of its security holes for Java routines.

2) To get secure behavior for Java routines, the customer has to explicitly opt in. Let's be vague about what that entails right now.

3) If you do opt in, then you get the SQL standard behavior:

   3a) Jar ids are mandatory.
   3b) There is no SYS.ENV pseudo-jar. Instead, to access methods in the JRE you have to include little wrapper methods in your jar files that you loaded into the database.
   3c) The search order for customer-written routines is SQL standard: First we look in the jar file where the routine lives. Then we look in the other jar files in the order specified by SQLJ.ALTER_JAVA_PATH. Then we defer to the system class loader.
   3d) At runtime, when we invoke the routine, we make sure that it actually lives in the declared jar file.

> Provide complete security model for Java routines
> -------------------------------------------------
>                 Key: DERBY-2206
>                 URL: https://issues.apache.org/jira/browse/DERBY-2206
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Rick Hillegas
>             Fix For:
> Add GRANT/REVOKE mechanisms to control which jar files can be mined for user-created objects such as Functions and Procedures. In the future this may include Aggregates and Function Tables also. The issues are summarized on the following wiki page: http://wiki.apache.org/db-derby/JavaRoutineSecurity.
> Plugin management can be tracked by this JIRA rather than by DERBY-2109. This is a master JIRA to which subtasks can be linked.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
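
Added example (not part of the comment above and not Derby code): a simplified Python model of the opt-in rules 3a through 3d, showing why a routine that names a JRE class directly fails the runtime check and needs a wrapper in its own jar. Jars are modelled as plain sets of class names; every jar name, class name and function name here is constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

SYSTEM = "<system class loader>"

class RoutineSecurityError(Exception):
    """Raised when a routine violates the opt-in rules."""

@dataclass(frozen=True)
class Routine:
    declared_jar: Optional[str]  # jar id in the routine's declaration
    class_name: str              # class holding the routine's method

def resolve_class(class_name, home_jar, jars, java_path, system_classes):
    """Rule 3c: home jar first, then the java path in order, then the system loader."""
    for jar in [home_jar] + [j for j in java_path if j != home_jar]:
        if class_name in jars.get(jar, ()):
            return jar
    if class_name in system_classes:
        return SYSTEM
    raise RoutineSecurityError(f"class not found: {class_name}")

def check_invocation(routine, jars, java_path, system_classes):
    """Rules 3a, 3b and 3d, applied to the routine's own class at call time."""
    if routine.declared_jar is None:                      # 3a: jar id is mandatory
        raise RoutineSecurityError("routine has no jar id")
    if routine.declared_jar not in jars:
        raise RoutineSecurityError(f"unknown jar: {routine.declared_jar}")
    origin = resolve_class(routine.class_name, routine.declared_jar,
                           jars, java_path, system_classes)
    if origin != routine.declared_jar:                    # 3d, which also enforces 3b
        raise RoutineSecurityError(
            f"{routine.class_name} resolved from {origin}, not {routine.declared_jar}")
    return origin

# Constructed sample data: two installed jars, one of which shadows a class.
JARS = {
    "APP.PAYROLL": {"com.example.Payroll", "com.example.JreWrappers"},
    "APP.UTIL": {"com.example.Util", "com.example.Payroll"},
}
JAVA_PATH = ["APP.UTIL"]           # order as specified by SQLJ.ALTER_JAVA_PATH
SYSTEM_CLASSES = {"java.lang.System"}

if __name__ == "__main__":
    for r in (Routine("APP.PAYROLL", "com.example.JreWrappers"),
              Routine("APP.PAYROLL", "java.lang.System"),
              Routine(None, "com.example.Util")):
        try:
            print(r, "->", check_invocation(r, JARS, JAVA_PATH, SYSTEM_CLASSES))
        except RoutineSecurityError as e:
            print(r, "-> rejected:", e)
```

In this model, `resolve_class` is what a routine's dependencies go through (3c only), while `check_invocation` is the stricter entry-point check that refuses anything not found in the declared jar.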

