db-derby-dev mailing list archives

From Oystein Grovlen - Sun Norway <Oystein.Grov...@Sun.COM>
Subject Re: what is the right way to fix the import/export security issues (DERBY-2436, DERBY-2437)?
Date Tue, 10 Jul 2007 09:49:20 GMT
Bryan Pendleton wrote:
>> 1) try to code access privileges in the routines themselves, that is 
>> separate from java security manager.  Basically
>>    disallow access to derby files by adding code logic to determine if 
>> the files being read/written are derby files. 
> 
> Instead of trying to write this "negative" logic, figuring out
> what files *oughtn't* to be written to, perhaps it would be
> easier to specify things the other way, and change import/export
> so that they are only capable of reading-from/writing-to a
> new, well-known location, which is certain not to contain any
> other files of importance.
> 
> That is, for each database, we define a new "import/export scratch space",
> whose location defaults to something reasonable but can be configured
> on a database-by-database basis if necessary, and import only ever
> looks for files in that directory, and export only ever writes files
> to that directory.

I had the same thoughts as you, Bryan, but I guess this will introduce 
incompatibilities for existing users who currently get to decide where 
the exported data should be written.

-- 
Øystein
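
The allow-list approach from the quoted proposal, sketched as an added example that is not part of the original message and is not Derby code: user-supplied import/export names are resolved against one scratch directory and refused if they land outside it. The class name `ScratchSpace`, the temp directory and the sample file names are hypothetical.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;

// Hypothetical helper, not Derby code: confines import/export file names
// to a single per-database scratch directory (allow-list, not deny-list).
public class ScratchSpace {
    private final Path root;

    public ScratchSpace(Path scratchDir) throws IOException {
        Files.createDirectories(scratchDir);
        // Resolve symlinks once so later prefix checks compare real paths.
        this.root = scratchDir.toRealPath();
    }

    // Returns the path to use for import/export, or throws if the
    // user-supplied name would land outside the scratch directory.
    public Path resolve(String userSuppliedName) throws IOException {
        // normalize() collapses "..", and an absolute name replaces root entirely,
        // so both cases fail the prefix check below.
        Path candidate = root.resolve(userSuppliedName).normalize();
        if (!candidate.startsWith(root)) {
            throw new SecurityException("outside scratch space: " + userSuppliedName);
        }
        // Find the nearest path component that already exists (root always does)
        // and make sure its real location is still inside root. A dangling
        // symlink makes toRealPath() throw IOException, which also refuses it.
        Path existing = candidate;
        while (!Files.exists(existing, LinkOption.NOFOLLOW_LINKS)) {
            existing = existing.getParent();
        }
        if (!existing.toRealPath().startsWith(root)) {
            throw new SecurityException("symlink leaves scratch space: " + userSuppliedName);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temp directory stands in for the configured location.
        ScratchSpace space = new ScratchSpace(Files.createTempDirectory("scratch"));
        for (String name : new String[] {"orders.del", "sub/orders.del", "../db-files/data.dat", "/etc/passwd"}) {
            try {
                System.out.println("allowed: " + space.resolve(name));
            } catch (SecurityException e) {
                System.out.println("refused: " + e.getMessage());
            }
        }
    }
}
```

The check and the later file open are separate steps, so the scratch directory itself must not be writable by anyone who could swap in a symlink between them.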
