db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-3086) The server policy needs to grant derbynet.jar more permissions so that sysinfo and drda tracing will work
Date Tue, 06 Nov 2007 00:10:53 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12540307

Kathey Marsden commented on DERBY-3086:

Thanks Rick for looking at this issue.  I think requiring write access to this property is
going to introduce an incompatible change.

+        if ( PropertyUtil.getSystemProperty( Property.DRDA_PROP_TRACEDIRECTORY ) == null
+        { System.setProperty( Property.DRDA_PROP_TRACEDIRECTORY, PropertyUtil.getSystemProperty(

The reason sysinfo is in all the jars I believe is so that if you have any of the jars in
your classpath, you will get valid sysinfo output.  For example a client configuration would
require only derbyclient.jar so would need access to sysinfo through that jar.

> The server policy needs to grant derbynet.jar more permissions so that sysinfo and drda
tracing will work
> ---------------------------------------------------------------------------------------------------------
>                 Key: DERBY-3086
>                 URL: https://issues.apache.org/jira/browse/DERBY-3086
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions:
>            Reporter: Rick Hillegas
>            Assignee: Rick Hillegas
>         Attachments: derby-3086-01-morePermissions-aa.diff
> More permissions need to be granted to derbynet.jar in the server.policy file. David
van Couvering reports that if you bring up the server and run the following command:
> java -jar derbyrun.jar server sysinfo
> then you get security exceptions as the sysinfo code, running inside the network jarball
tries to read user.dir, user.home, user.name, java.home, and java.class.path.
> Kathey Marsden reports that  if you try to run the network server with drda tracing turned
on, then you get security exceptions when the server tries to open the trace log file.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message