db-derby-dev mailing list archives

From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-4428) Add proper delete mechanism for in-memory databases
Date Thu, 29 Oct 2009 16:52:59 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12771475#action_12771475 ]

Rick Hillegas commented on DERBY-4428:
--------------------------------------

Thanks for working on this, Kristian. Some comments follow:

> - the delete mechanism is generic (all storage factories that are writable). Should the
>   feature be in-memory specific, or also be allowed for the on-disk back end?

I think the feature should be designed so that it can be extended to the on-disk back end.
However, I would treat on-disk back ends as a separate JIRA--particularly because they have
extra problems as evidenced by your comment about the log.

> - authorization (currently it checks if the user is the database owner if authentication
>   is on, doesn't require SQL authorization to be on).

I wonder if we need to check whether authentication is on? In an embedded application with
no authentication, the default DBO will be APP. I think that in such a situation it would
be attractive if APP could delete her in-memory databases. In such a situation, I think it's
enough to require that there be no open connections to the database.

> - how to control/limit the creation of in-memory databases?
>    (could be used for DoS attack on a server?)

I agree that there is a DoS attack here. It's related to the DoS attack allowed by unlimited
creation of on-disk databases, and compounded by the extra memory which an in-memory database
chews up. The half-checked-in work on system privileges (DERBY-2109) defines a Java privilege
for creating databases. That privilege includes the specification of where you are allowed
to create databases. I believe that we should build on that work.

Thanks,
-Rick


> Add proper delete mechanism for in-memory databases
> ---------------------------------------------------
>
>                 Key: DERBY-4428
>                 URL: https://issues.apache.org/jira/browse/DERBY-4428
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC, Services, Store
>    Affects Versions: 10.6.0.0
>            Reporter: Kristian Waagan
>            Assignee: Kristian Waagan
>         Attachments: derby-4428-0a-preview_patch.diff
>
>
> The current mechanism for deleting in-memory databases isn't good enough, and a proper
> one must be added.
> It is also important to be able to delete in-memory databases, since they occupy valuable
> main memory that should be discarded when the database is no longer needed.
> I intend to implement the mechanism by using the JDBC connection URL:
> "jdbc:derby:memory:myDatabase;delete=true[;user=X;password=Y]"
> The connection attempt will throw an exception in any case, either because the request
> failed or because it succeeded.
> Reasons for a failure can be invalid user and/or password, lacking encryption attributes,
> or conflicting attributes.
> For the time being, only the database owner will be allowed to delete databases (*note*:
> do we have a way to control/limit in-memory database creation?)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

