db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Assigned: (DERBY-4708) In the Administration Guide, clarify that you need to adjust file permissions in your security policy in order to prevent import/export from accessing sensitive files outside your Derby subsystem
Date Tue, 22 Jun 2010 16:55:56 GMT

     [ https://issues.apache.org/jira/browse/DERBY-4708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rick Hillegas reassigned DERBY-4708:
------------------------------------

    Assignee: Rick Hillegas

> In the Administration Guide, clarify that you need to adjust file permissions in your
security policy in order to prevent import/export from accessing sensitive files outside your
Derby subsystem
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-4708
>                 URL: https://issues.apache.org/jira/browse/DERBY-4708
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.6.1.0
>            Reporter: Rick Hillegas
>            Assignee: Rick Hillegas
>
> Right now the Derby Administration Guide advises users to adjust permissions in their
security policy file in order to prevent backup/restore from clobbering and inspecting sensitive
files outside the Derby subsystem. This advice can be found in the section titled "Basic Network
Server security policy". This section should be clarified to note that you can suffer similar
exposure from the export/import procedures and that you need to adjust your security policy
for them as well.
> Note that this section does link to another, detailed section, which describes the security
policy implications for both backup/restore and export/import: "Customizing the Network Server's
security policy".

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message