db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristian Waagan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2556) Code paths for db restore do not use doPrivileged-calls, causing SecurityException
Date Wed, 09 May 2007 18:51:15 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494553
] 

Kristian Waagan commented on DERBY-2556:
----------------------------------------

I reviewed the patch, and have some questions/comments:

 1) Then run method is declared to throw a number of exceptions, but only SecurityException
can be thrown.
 2) The patch for DERBY-2555 seems to be included. This doesn't really matter, but the two
patches can be committed separately (though only in one order).
 3) The newly added method mixes tabs and spaces for indentation (also on the same line).
 4) Missing JavaDoc (not required?)


thanks,

> Code paths for db restore do not use doPrivileged-calls, causing SecurityException
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-2556
>                 URL: https://issues.apache.org/jira/browse/DERBY-2556
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.2.2.0, 10.3.0.0
>         Environment: Derby running with a security manager.
>            Reporter: Kristian Waagan
>         Assigned To: Kathey Marsden
>         Attachments: derby-2556_diff.txt, derby-2556_stat.txt
>
>
> When using 'createFrom' or 'restoreFrom' in the JDBC url to restore a database from a
backup image, a SecurityException is thrown even though the policyfile for codebase derby.jar
is correctly configured (giving Derby access to the backup image).
> A few comments on this issue can be found here (and in subsequent comments): https://issues.apache.org/jira/browse/DERBY-1001#action_12439811
> A workaround is wrapping the connection call in doPrivileged at the "application-level
code", or granting the required permissions to the application codebase as well.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message