db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dag.Wan...@Sun.COM (Dag H. Wanvik)
Subject Re: [jira] Assigned: (DERBY-2925) Prevent export from overwriting existing files
Date Mon, 16 Jul 2007 12:49:15 GMT

>> Prevent export from overwriting existing files
>> ----------------------------------------------
>>
>>                 Key: DERBY-2925
>>                 URL: https://issues.apache.org/jira/browse/DERBY-2925
>>             Project: Derby
>>          Issue Type: Sub-task
>>          Components: Security, Tools
>>    Affects Versions: 10.1.2.1, 10.2.2.0, 10.3.1.3, 10.4.0.0
>>            Reporter: Kathey Marsden
>>            Assignee: Ramin Moazeni
>>
>> Export should not overwrite existing files, but rather insist that
>> the user remove them before writing to the file.  This will help
>> prevent accidental or intentional corruption of the database with
>> export.  This may introduce a compatibility issue with export but
>> because export is usually an attended utility and not typically
>> invoked as part of an application, I think the risk is worth the
>> additional security this will provide.

I am not sure blanket prohibition on exporting to existing files is
the best approach. Apart from the compatibility issue I would say
there is a usability issue as well, I know I never use "noclobber" in
my UNIX shell settings ;) I think what we are trying to achieve here
is to protect the database files. Couldn't a separate jar for this
part of the code solve the issue (with a policy only allowing write to
a dedicated export directory by default). If a separate jar is
considered undesirable, one could limit the export to a relative file
path and always require that it contain an export directory as its
first path element, say "export". Just my 0.02 cents, please forgive
if I missed some context discussions here.



Mime
View raw message