Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 34876 invoked from network); 13 Jul 2007 01:05:26 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 13 Jul 2007 01:05:26 -0000 Received: (qmail 86233 invoked by uid 500); 13 Jul 2007 01:05:28 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 86195 invoked by uid 500); 13 Jul 2007 01:05:28 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 86186 invoked by uid 99); 13 Jul 2007 01:05:28 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Jul 2007 18:05:28 -0700 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Jul 2007 18:05:25 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id D54A771420C for ; Thu, 12 Jul 2007 18:05:04 -0700 (PDT) Message-ID: <11237878.1184288704863.JavaMail.jira@brutus> Date: Thu, 12 Jul 2007 18:05:04 -0700 (PDT) From: "Kathey Marsden (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-2925) Prevent export from overwriting existing files In-Reply-To: <9019766.1184203084453.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-2925?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12512321 ] Kathey Marsden commented on DERBY-2925: --------------------------------------- I think it is fine to reproduce with IJ and update importExportThruIJ.sql to test your change. The tests e.g. ImportExportBaseTest actually do call the procedure from a java program. It would be good to add a test there too. > Prevent export from overwriting existing files > ---------------------------------------------- > > Key: DERBY-2925 > URL: https://issues.apache.org/jira/browse/DERBY-2925 > Project: Derby > Issue Type: Sub-task > Components: Security, Tools > Affects Versions: 10.1.2.1, 10.2.2.0, 10.3.1.3, 10.4.0.0 > Reporter: Kathey Marsden > Assignee: Ramin Moazeni > > Export should not overwrite existing files, but rather insist that the user remove them before writing to the file. This will help prevent accidental or intentional corruption of the database with export. This may introduce a compatibility issue with export but because export is usually an attended utility and not typically invoked as part of an application, I think the risk is worth the additional security this will provide. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.