db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dag H. Wanvik (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2811) Specifying -h with default security manager bars clients from connecting from any host
Date Thu, 14 Jun 2007 17:38:26 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12504852

Dag H. Wanvik commented on DERBY-2811:

Thanks for addressing this Rick!

I think this patch fixes both DERBY-2811 and DERBY-2814, great.

* There is possibly a bug still:

 It seems Derby supports IPv6, found this in the docs:

 //accepts connections from other hosts on an IPV6 system
 NetworkServerControl serverControl = new

 So, it seems, if the user has an IPv6 system, she would give -h "::"
 and that might fail with SocketPermission in the same
 way as ""?

* Also, I think we should update the user docs with the fact that this
 automatics translation from ""/"::" to "*" happens; some users
 might puzzle over it if they knew the SocketPermission syntax
 well.... ;) And perhaps would try supplying Derby with a -h "*" :(

* Question: When you set derby.drda.host finally (I had some problem
 understanding the comment's use of "force"), after Derby has created
 its socket and you have possibly change the syntax, so that the
 security manager will see the correct syntax when reading the policy
 file, the underlying premise is that Derby is done with using its
 value for socket creation purposes. 

 There is code in the server which sends properties to the client,
 cf. NetworkServerControlImpl#sendPropInfo->getPropertyValues which
 reads the host value from hostArg, rather than from the current value
 of derby.drda.host, which is the right thing to do, since, hostArg
 has the correct syntax, but it is slightly confusing, since, at that
 point in time, the values of sent derby.drda.host (==hostArg) and
 server's derby.drda.host will have (possibly syntactically) different
 values. Would it perhaps be useful to reset the value of
 derby.drda.host to the Derby syntax after the security manager is
 done with (I guess you might need to temporarily set it again if
 refreshing the security file later though), so as to avoid confusion
 and possible bugs down the line?

 In short, let derby.drda.host only have the SocketPermission syntax
 temporarily when creating security manager and when reloading policy

 *Or* it should be the other way around, that after this point in
 time, the syntax will remain compliant with SocketPermission. Either
 way, I'd love the comment to explain this in some more detail. Maybe
 a comment in Property.java where DRDA_PROP_HOSTNAME is declared and on
 declaration of 'hostArg' is due as well.

* I looked at the modified test and decorator but I need to read some
  more before I can comment on those changes.

* Nits:

 - some lines > 80

> Specifying -h with default security manager bars clients from connecting from
any host
> ----------------------------------------------------------------------------------------------
>                 Key: DERBY-2811
>                 URL: https://issues.apache.org/jira/browse/DERBY-2811
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server, Security
>    Affects Versions:
>            Reporter: Dag H. Wanvik
>            Assignee: Rick Hillegas
>         Attachments: derby-2811-01.diff
> The default policy file installed has this stanza:
>   :
>   permission java.net.SocketPermission "${derby.drda.host}:*", "accept"; 
>   :
> Normally, specifying -h to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message