db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel John Debrunner <...@apache.org>
Subject Re: Compatibility issue for 10.4
Date Tue, 15 Jan 2008 16:41:30 GMT
Daniel John Debrunner wrote:
> Rick Hillegas wrote:

>> 2) In order to bring down the server using NetworkServerControl, the 
>> customer will need to supply username/password credentials.
> 
>  > I regard (2) as the fix to some serious bugs.
> 
> It might be useful to think about these as two separate issues, it's 
> really an implementation detail that DERBY-2109 addresses both of them.
> 
> Item 2) does fix a bug (has it been reported as a Jira issue?) where 
> unauthenticated users can shutdown a network server and database engine.
> So Item 2) could be fixed without system authorization (DERBY-2109) 
> changes, thus the justification for introducing 2) as a backwards 
> compatibility issue might be different to introducing 1).

Looking at this more it seems that item 2) only partially fixes the bug. 
If the server has system authentication but no security manager then 
from a reading of the spec and the initial e-mail in this thread then 
the bug remains. We may want to consider closing this security hole 
regardless of if there is a security manager. This then of course would 
change the backwards compatibility statement a little.


Dan.

Mime
View raw message