db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Van Couvering" <da...@vancouvering.com>
Subject Re: 10.3 Concern: Need to make DBO restrictions [Derby-2264] optional at upgrade
Date Tue, 29 May 2007 21:24:50 GMT
When we discussed this previously, I had asked Rick to take this to
the users, and he did, see:

http://www.nabble.com/Naming-the-next-Derby-feature-release-tf3329320.html#a9257363

I thought that for most folks, authentication is turned OFF.  I also
thought that the default for Derby is to have authentication turned
off.  If this is not the case, then I think we have a real issue here.
 Also, are we going to change it so that authentication is on by
default?  If that's true and you also can't shut down the database
without DBO authority, then I think this may be a bigger issue than I
had thought.

The question is, if a large subset of the community are going to
experience some kind of impact by this change, then we should think
very carefully before we break their existing apps.

Also, the message Rick sent out was entitled "Naming the next Derby
Release," and thinking about it now I don't believe caught enough
people's attention.   Perhaps a re-send might make sense given this
debate...

David

On 5/29/07, Rick Hillegas <Richard.Hillegas@sun.com> wrote:
> Daniel John Debrunner wrote:
> > Dag H. Wanvik wrote:
> >> Hi,
> >>
> >> Stanley Bradbury <Stan.Bradbury@gmail.com> writes:
> >>
> >>> I feel strongly that the restrictions implemented by DERBY-2264 must
> >>> be tied to sqlAuthorization (or a new property of it's own) being
> >>> turned on.  The restrictions need to be optional at upgrade otherwise
> >>
> >> I understand your concerns. I addressed the upgrade issue several
> >> times in the discussion of this issue, but felt the community
> >> preferred the semantics which are currently implemented, landing on
> >> the side of a sensible secure-by-default behavior. Options:
> >
> > Was there any discussion outside of comments in DERBY-2264? I looked
> > in the archives but couldn't see any between 2007/02/13 and
> > 2007/02/20. I picked that date range because on 02/20 you said in
> > DERBY-2264
> >
> >  "Right, it seems both Dan and Rick are less concerned than me about the
> > compatibility here issue, so I rest my case. "
> >
> > That was the first comment since 02/13, however, I don't see how my
> > single comment in DERBY-2264 could lead you to that conclusion, I
> > thought it's was just factual about authentication states. I'm sure
> > there must have been a discussion elsewhere, but I can't find it at
> > the moment.
> >
> > Dan.
> >
> >
> >
> I don't see any other discussion beyond what appears in DERBY-2264. I
> like Dag's original proposal that we should restrict DBO powers only if
> both authentication and authorization are enabled. I don't like the idea
> of adding another security knob for this.
>
> Regards,
> -Rick
>

Mime
View raw message