From: Daniel John Debrunner
Date: Thu, 15 Nov 2007 10:29:26 -0800
To: derby-dev@db.apache.org
Subject: Re: Installing a SecurityManager by default when the server boots

Rick Hillegas wrote:
> As of release 10.3, when you boot the network server from the command
> line, the server installs a Java SecurityManager with a default policy.
> This change (DERBY-2196) limits the ability of hackers, connecting from
> arbitrary machines, to use Derby to corrupt the environment in which it
> is running.

Interesting survey on unprotected databases on the internet!

http://www.regdeveloper.co.uk/2007/11/15/unprotected_databases_survey/

Dan.