db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew McIntyre (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2908) 10.3.1.0 / 1.1.0 Derby eclipse plugin gives security error referring to user.dir read permission because derby.system.home is set to '.'
Date Fri, 06 Jul 2007 16:43:04 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2908?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12510732
] 

Andrew McIntyre commented on DERBY-2908:
----------------------------------------

I think it is probably the dot that causes java.io.Win32FileSystem to access the property
user.dir in order to get the canonical filename. The security exception is then thrown since
the Derby code further up the stack does not have permission to read user.dir. I'd have to
look at the code for java.io.Win32FileSystem, but I don't have that handy right now.

Clearly some other code path is taken when the dot is not present, since this works normally
outside of eclipse (no security exception with no derby.system.home set). If I have some time
later to day, I will try removing the default setting of the dot and build the plugin to see
if that solves the problem.

> 10.3.1.0 / 1.1.0 Derby eclipse plugin gives security error referring to user.dir read
permission because derby.system.home is set to '.'
> ----------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-2908
>                 URL: https://issues.apache.org/jira/browse/DERBY-2908
>             Project: Derby
>          Issue Type: Bug
>          Components: Eclipse Plug-in
>    Affects Versions: 10.3.0.0, 10.3.1.0, 10.3.1.1, 10.4.0.0
>         Environment: eclipse 3.2.1 with derby 10.3.1.0 core plugin, ui and doc plugin
1.1.0.
>            Reporter: Myrna van Lunteren
>         Attachments: derby-2908-patchDefaultPolicy-01.diff
>
>
> The Derby nature sets by default -Dderby.system.home=. (set in plugins/eclipse/org.apache.derby.ui/src/org/apache/derby/ui/properties/DerbyProperties.java
and checked in plugins/eclipse/org.apache.derby.ui/src/org/apache/derby/uitl/DerbyServerUtils.java)
> With the default security policy, however, such a setting for ij & NetworkServerControl
results in a security error in ij.
> (See stack in thread: http://www.nabble.com/10.3.1.0b-eclipse-plugin---default-security-tf4030218.html)
> It's possible this is a bug in itself...
> One work around is to add the following permission to the default policy file:
> permission java.util.PropertyPermission "user.dir", "read";
> Another solution is to not set the derby.system.home to anything by default, and if it's
not set to anything, not pass on -Dderby.system.home= to the networkserver process (specifying
-Dderby.system.home= without a value fails to start networkserver).
> This would mean increasing the version of the plugins. To 1.1.1?
> Yet another thing would be to adjust the plugin to handle adjusting the security policy...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message