db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John H. Embretsen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-3462) Require new permissions in o.a.d.security.SystemPermission to allow control to Derby's JMX management and to ensure information is not leaked through JMX
Date Fri, 14 Mar 2008 14:42:24 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12578772#action_12578772
] 

John H. Embretsen commented on DERBY-3462:
------------------------------------------

Let me rephrase the first question, I hope this is more clear:
If JMX authentication is enabled, and the custom policy file includes permissions for a specific
user to perform a set of JMX actions, then are the above mentioned permissions still needed
for derby.jar, or are they not?
I guess I could find out by experimenting and reading code, but I thought I might just as
well ask.

The last part I guess was part of an attempt to understand the relationship between the new
system permissions and MBeanPermission. Again, I think experimenting and studying code would
help me do this, but some more examples on the wiki or in the javadocs probably woldn't hurt
either.

By the way, if you have any thoughts on what kind of documentation (DITA) should/could be
included in 10.4 for the JMX work, please add a comment to DERBY-3540. I guess doc efforts
would depend on whether or not this security work is going to be part of 10.4, and when it
will stabilize.

> Require new permissions in o.a.d.security.SystemPermission to allow control to Derby's
JMX management and to ensure information is not leaked through JMX
> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3462
>                 URL: https://issues.apache.org/jira/browse/DERBY-3462
>             Project: Derby
>          Issue Type: Sub-task
>          Components: JMX, Security
>            Reporter: Daniel John Debrunner
>            Priority: Minor
>
> Plan is to implement proposal defined in:
> http://wiki.apache.org/db-derby/JMXSecurityExpectations#head-de15a7e9d474784775933965fe963b6ac46e7ad0
> E.g.
> jmxControl for the ability to call the operations on ManagementMBean.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message