db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristian Waagan (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-2556) Code paths for db restore do not use doPrivileged-calls, causing SecurityException
Date Wed, 03 Sep 2008 11:49:44 GMT

     [ https://issues.apache.org/jira/browse/DERBY-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Kristian Waagan updated DERBY-2556:

    Derby Info:   (was: [Patch Available])

Committed patch 5b to trunk with revision 691576.

Thanks for looking at the patch, Dag.
I decided to not factor out the privileged ops into private methods in BaseDataFileFactory
because each File method is called only once, and there is a run method calling the same File
methods that doesn't require a separate AccessController.doPrivileged call. The reason is
because the run method itself is executed in a privileged block. I thought it would be confusing
to add methods and not use them consistently.

I agree on the readability aspect though, and factoring out the methods is very easy.

Regarding backporting, I think it will require some manual changes due to a test change. The
GetCurrentProperties test was recently converted to JUnit, and a different policy file would
have to be modified. I also got a conflict in DssTrace, maybe because the functionality to
create the trace directory has been added?

Does anyone have thoughts on the factoring and backporting issues?

> Code paths for db restore do not use doPrivileged-calls, causing SecurityException
> ----------------------------------------------------------------------------------
>                 Key: DERBY-2556
>                 URL: https://issues.apache.org/jira/browse/DERBY-2556
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions:,
>         Environment: Derby running with a security manager.
>            Reporter: Kristian Waagan
>            Assignee: Kristian Waagan
>             Fix For:
>         Attachments: derby-2556-2a_whitespace-javadoc.diff, derby-2556-3a_alternative-patch.diff,
derby-2556-3a_alternative-patch.stat, derby-2556-4a_alternative-patch.diff, derby-2556-4a_alternative-patch.stat,
derby-2556-5a-reworked_fix.diff, derby-2556-5a-reworked_fix.stat, derby-2556-5b-reworked_fix.diff,
derby-2556-5b-reworked_fix.stat, derby-2556_diff.txt, derby-2556_stat.txt
> When using 'createFrom' or 'restoreFrom' in the JDBC url to restore a database from a
backup image, a SecurityException is thrown even though the policyfile for codebase derby.jar
is correctly configured (giving Derby access to the backup image).
> A few comments on this issue can be found here (and in subsequent comments): https://issues.apache.org/jira/browse/DERBY-1001#action_12439811
> A workaround is wrapping the connection call in doPrivileged at the "application-level
code", or granting the required permissions to the application codebase as well.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message