Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 81552 invoked from network); 20 Feb 2007 23:28:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Feb 2007 23:28:27 -0000 Received: (qmail 98717 invoked by uid 500); 20 Feb 2007 23:28:35 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 98690 invoked by uid 500); 20 Feb 2007 23:28:35 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 98679 invoked by uid 99); 20 Feb 2007 23:28:34 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Feb 2007 15:28:34 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Feb 2007 15:28:26 -0800 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id CF19E7141EE for ; Tue, 20 Feb 2007 15:28:05 -0800 (PST) Message-ID: <33402460.1172014085845.JavaMail.jira@brutus> Date: Tue, 20 Feb 2007 15:28:05 -0800 (PST) From: "Bernt M. Johnsen (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-2196) Run standalone network server with security manager by default In-Reply-To: <4216116.1166553920991.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-2196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12474607 ] Bernt M. Johnsen commented on DERBY-2196: ----------------------------------------- Rick Hillegas [20/Feb/07 06:54 AM]: > [...] I'm not a big fan of introducing a lot of flags to control > individual security features. I see the need for simplicity, because security is rather complex. But, we can't have one unsecure mode with everything turned off and another with everything turned on. Every security feature has some penalty like performance degradation (like SSL or running with security manager) or administrative complexity (getting the policy file right or certificate distribution for SSL peer authentication) and the user/application programmer will have to do a trade-off between e.g. performance and security based on his/hers specific needs. > Run standalone network server with security manager by default > -------------------------------------------------------------- > > Key: DERBY-2196 > URL: https://issues.apache.org/jira/browse/DERBY-2196 > Project: Derby > Issue Type: Improvement > Components: Network Server, Security > Reporter: Daniel John Debrunner > Assigned To: Rick Hillegas > Attachments: derby-2196-01-print-01.diff, derby-2196-01-print-02.diff, derby-2196-01-print-03.diff, derby-2196-02-install-01.diff, derby-2196-03-tests-01.diff, secureServer.html, secureServer.html, secureServer.html, secureServer.html, secureServer.html, secureServer.html > > > From an e-mail discussion: > ... Derby should match the security provided by typical client server systems such as DB2, Oracle, etc. I > think in this case system/database owners are trusting the database > system to ensure that their system cannot be attacked. So maybe if Derby > is booted as a standalone server with no security manager involved, it > should install one with a default security policy. Thus allowing Derby > to use Java security manager to manage system privileges but not > requiring everyone to become familiar with them. > http://mail-archives.apache.org/mod_mbox/db-derby-dev/200612.mbox/%3c4582FE67.7040308@apache.org%3e > I imagine such a policy would allow any access to databases under derby.system.home and/or user.home. > By standalone I mean the network server was started though the main() method (command line). -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.