db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "quartz (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2451) a client can crash connections of another client
Date Wed, 04 Jul 2007 15:22:04 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2451?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12510213
] 

quartz commented on DERBY-2451:
-------------------------------

DERBY-2264 doesn't solves that problem. I think some misleading comments have been made.

You have to understand that with a "client" connection, one can crash another process client
connection.
It has nothing to do with privileges of the database owner.

The database "stats" owned by "bob" was started with a standalone server process.
If a remote process connects through a client connection with "bob" credentials to the server,
it is still NOT allowed to shut this stats database down.

The remote process isn't the controller of this database just because it used the owner credentials.
There is a big difference between disconnecting and performing an administrative shutdown
(
which should require administrative credentials and privileges, not only ownership privileges).

On the matter of developing a fix: there are people far more efficient than me that should
fix this critical issue.
And there are responsible people out there, making decision, otherwise everyone could check
in, mess up and leave.
Meanwhile, Sun's javadb depends on apache derby. So I don't know what incentive you need other
than a huge user base waiting...


> a client can crash connections of another client
> ------------------------------------------------
>
>                 Key: DERBY-2451
>                 URL: https://issues.apache.org/jira/browse/DERBY-2451
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>    Affects Versions: 10.2.2.0
>            Reporter: quartz
>            Priority: Critical
>
> Using 10.2.2.0.
> Steps to reproduce:
> 1-Start a NetworkServerControl
> 2-Start a 1st client (sqlworkbench/J), show some rows of some db, table X (stay connected)
> 3-Start a 2nd client (sqlworkbench/J), show some rows of some db, table X.
> 4-disconnect 2nd client
> 5-redo the 1st client query (refresh)
> You get a non architected message, sqlstate 58009, db errorcode -4499.
> In derby log, I see a shutdown of the database, and a restart.
> No matter how badly and corrupted a client connection can get, nor if the client connection
is
> a bug in any client,  such corruption should never destabilise a "server",
> certainly not other clients connections.
> It may be that the client tries to shutdown the DB; it shouldn't have such privilege
anyway since it
> is a network "client" connection, NOT  an embedded connection.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message