db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristian Waagan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2556) Code paths for db restore do not use doPrivileged-calls, causing SecurityException
Date Mon, 07 May 2007 23:40:15 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494159
] 

Kristian Waagan commented on DERBY-2556:
----------------------------------------

The test includes a workaround, where the getConnection-call is wrapped in a doPrivileged-call
(see getPrivilegedConnection). If you remove these, I suppose you should still see the error.
DERBY-2555 is the issue tracking this task. If you don't beat me to it, I can create a patch
for it tomorrow, which you can apply and see if you see the problem reappear.

I would recommend reading the comments in DERBY-1001, as it was not clear to me at first what
the correct solution would be. Dan gave his opinion, and when I thought about the issue again,
his suggestion seemed right.

> Code paths for db restore do not use doPrivileged-calls, causing SecurityException
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-2556
>                 URL: https://issues.apache.org/jira/browse/DERBY-2556
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.2.2.0, 10.3.0.0
>         Environment: Derby running with a security manager.
>            Reporter: Kristian Waagan
>         Assigned To: Kathey Marsden
>
> When using 'createFrom' or 'restoreFrom' in the JDBC url to restore a database from a
backup image, a SecurityException is thrown even though the policyfile for codebase derby.jar
is correctly configured (giving Derby access to the backup image).
> A few comments on this issue can be found here (and in subsequent comments): https://issues.apache.org/jira/browse/DERBY-1001#action_12439811
> A workaround is wrapping the connection call in doPrivileged at the "application-level
code", or granting the required permissions to the application codebase as well.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message