db-derby-dev mailing list archives

From Rick Hillegas <Richard.Hille...@Sun.COM>
Subject Re: [jira] Commented: (DERBY-1387) Add JMX extensions to Derby
Date Tue, 05 Feb 2008 21:44:38 GMT
Daniel John Debrunner wrote:
> Rick Hillegas wrote:
>> Daniel John Debrunner wrote:
>>> Rick Hillegas (JIRA) wrote:
>>>> [ https://issues.apache.org/jira/browse/DERBY-1387?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12565836#action_12565836 ]
>>>> Rick Hillegas commented on DERBY-1387:
>>>> --------------------------------------
>>>>
>>>> I believe the reason that I was not able to connect at the end of 
>>>> my experiment was this: the server was actually brought down. 
>>>> Again, without presenting credentials, this seems like the wrong 
>>>> behavior to me.
>>>
>>> Isn't that Derby's behaviour at the moment, shutting the network 
>>> server down does not enforce authentication? Security enforcement 
>>> should not be the role of the JMX mbeans.
>>>
>>> Dan.
>> Right. I think there are at least two authentication issues here. One 
>> is the current behavior of the network server (the bug which will be 
>> addressed by Martin's work on DERBY-2109). The other issue is the 
>> fact that the current DERBY-1387 patch lets you get your hands on the 
>> server and system MBeans without presenting credentials. It's that 
>> latter issue which I'm talking about here.
>
> What would be the issue with getting access to those mbeans without 
> authentication? Just trying to understand the concern.
>
> Dan.
As currently implemented, via JConsole these MBeans allow anyone with a 
valid account on the server machine to view and change settings which 
only the System Administrator can view and change today. That seems like 
a security hole to me.

Regards,
-Rick
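
The gap Rick describes above is that the MBeans can be reached without presenting credentials. The standard JMX-level mitigation is to put a JMXAuthenticator on the connector server so that every client, JConsole included, must authenticate before it gets an MBeanServerConnection. The following is an added example written for this thread, not Derby's code or the DERBY-1387 patch; the port, the user name and the password are constructed demo values (a real deployment reads credentials from a protected file or an external identity store).

```java
import java.lang.management.ManagementFactory;
import java.rmi.registry.LocateRegistry;
import java.util.*;
import javax.management.MBeanServer;
import javax.management.remote.*;
import javax.security.auth.Subject;

public class AuthenticatedJmxDemo {
    // Constructed demo credentials (assumption for this example only).
    static final String DEMO_USER = "derbyadmin";
    static final String DEMO_PASS = "change-me";

    // Rejects any client that presents no credentials or the wrong ones.
    static JMXAuthenticator authenticator() {
        return credentials -> {
            if (!(credentials instanceof String[])) {
                throw new SecurityException("credentials required");
            }
            String[] c = (String[]) credentials;
            if (c.length == 2 && DEMO_USER.equals(c[0]) && DEMO_PASS.equals(c[1])) {
                return new Subject(true, Collections.singleton(new JMXPrincipal(c[0])),
                        Collections.emptySet(), Collections.emptySet());
            }
            throw new SecurityException("invalid credentials");
        };
    }

    // Exposes the platform MBeanServer over RMI with authentication enforced.
    static JMXConnectorServer start(int port) throws Exception {
        LocateRegistry.createRegistry(port);
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        JMXServiceURL url = new JMXServiceURL(
                "service:jmx:rmi:///jndi/rmi://localhost:" + port + "/jmxrmi");
        Map<String, Object> env = new HashMap<>();
        env.put(JMXConnectorServer.AUTHENTICATOR, authenticator());
        JMXConnectorServer cs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
        cs.start();
        return cs;
    }

    // Client side: true only if the connector server lets us query the MBeanServer.
    static boolean canConnect(JMXServiceURL url, String[] creds) {
        Map<String, Object> env = new HashMap<>();
        if (creds != null) env.put(JMXConnector.CREDENTIALS, creds);
        try (JMXConnector c = JMXConnectorFactory.connect(url, env)) {
            c.getMBeanServerConnection().getMBeanCount();
            return true;
        } catch (SecurityException | java.io.IOException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        JMXConnectorServer cs = start(9999);
        try {
            System.out.println("no credentials: " + canConnect(cs.getAddress(), null));
            System.out.println("valid credentials: "
                    + canConnect(cs.getAddress(), new String[] {DEMO_USER, DEMO_PASS}));
        } finally {
            cs.stop();
        }
    }
}
```

Authentication alone only answers "who is this"; which MBean operations an authenticated Subject may invoke is a separate authorization decision, which is the point Dan raises about security enforcement not belonging in the MBeans themselves.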
