db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-3086) The server policy needs to grant derbynet.jar more permissions so that sysinfo and drda tracing will work
Date Tue, 06 Nov 2007 17:13:51 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12540488
] 

Kathey Marsden commented on DERBY-3086:
---------------------------------------

Rick said:

>Could you explain the incompatibility which you see is >being introduced? I didn't
understand your concern. Here >is a little more information which may help: The code >which
sets DRDA_PROP_TRACEDIRECTORY is called >before the security manager is installed, so there
is no >need to grant write access to that property.

Looking more closely I see this is set only if installing the security manager. My concern
was that if I used my own policy file it would fall over trying to write this policy, but
I tried it and that does not seem to be the case. If I use my own policy file it does not
enter this code at all, so I think the change is ok after all.


> The server policy needs to grant derbynet.jar more permissions so that sysinfo and drda
tracing will work
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3086
>                 URL: https://issues.apache.org/jira/browse/DERBY-3086
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 10.3.1.4
>            Reporter: Rick Hillegas
>            Assignee: Rick Hillegas
>         Attachments: derby-3086-01-morePermissions-aa.diff
>
>
> More permissions need to be granted to derbynet.jar in the server.policy file. David
van Couvering reports that if you bring up the server and run the following command:
> java -jar derbyrun.jar server sysinfo
> then you get security exceptions as the sysinfo code, running inside the network jarball
tries to read user.dir, user.home, user.name, java.home, and java.class.path.
> Kathey Marsden reports that  if you try to run the network server with drda tracing turned
on, then you get security exceptions when the server tries to open the trace log file.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message