db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nirmal Fernando <nirmal070...@gmail.com>
Subject Re: Additional Permission request to PlanExporter tool's tests
Date Sun, 11 Jul 2010 18:01:39 GMT
Thanks all, got rid of the need of additional permissions :).



On Sun, Jul 11, 2010 at 8:37 PM, Nirmal Fernando <nirmal070125@gmail.com> wrote:
> Thanks Kathey and Knut for pointing that out.
>
> Knut, thank you very much for your explanation.
> I'll make the code change.
>
>
> On Sun, Jul 11, 2010 at 8:33 PM, Knut Anders Hatlen
> <knut.hatlen@oracle.com> wrote:
>> Nirmal Fernando <nirmal070125@gmail.com> writes:
>>
>>> Do I have to perform IO operations like following?
>>>
>>> AccessController.doPrivileged
>>>             (new java.security.PrivilegedAction() {
>>>
>>>                     public Object run() {
>>> //IO operations
>>> }
>>> }
>>
>> Yes, exactly. You only need this around the call that creates the
>> FileOutputStream, not around every write() call on that stream.
>>
>>> Any documentation on this would be really nice.
>>
>> I haven't seen any document describing how to use it in Derby, but I
>> think the basic rule is that any call to a method that can raise a
>> SecurityException should be put inside a doPrivileged block, so that we
>> don't need to grant permissions to all jars in the call
>> stack.
>>
>> Unfortunately, we don't have any way to enforce this policy at build
>> time, but we run the tests under a security manager with a small set of
>> privileges granted to try to detect if we've missed something.
>>
>> --
>> Knut Anders
>>
>
>
>
> --
> Best Regards,
> Nirmal
>
> C.S.Nirmal J. Fernando
> Department of Computer Science & Engineering,
> Faculty of Engineering,
> University of Moratuwa,
> Sri Lanka.
>



-- 
Best Regards,
Nirmal

C.S.Nirmal J. Fernando
Department of Computer Science & Engineering,
Faculty of Engineering,
University of Moratuwa,
Sri Lanka.

Mime
View raw message