db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5510) It is easy to override authentication, authorization, and database-only properties if you have physical access to a database.
Date Tue, 22 Nov 2011 20:32:39 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13155413#comment-13155413
] 

Rick Hillegas commented on DERBY-5510:
--------------------------------------

Hi Dag,

Yes, I believe that encryption is a defense against this attack. Based on the discussion on
DERBY-5503, I think that it may be an unattractive, impractical defense for many applications.
Thanks.
                
> It is easy to override authentication, authorization, and database-only properties if
you have physical access to a database.
> -----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-5510
>                 URL: https://issues.apache.org/jira/browse/DERBY-5510
>             Project: Derby
>          Issue Type: Bug
>          Components: Miscellaneous
>    Affects Versions: 10.9.0.0
>            Reporter: Rick Hillegas
>
> If you have write access to the directory containing a Derby database, then the following
easy exploit will let you change the contents of the database and possibly evade detection
for some time:
> 1) Create a vacuous dummy database with this ij command:
>      connect 'jdbc:derby:dummydb;create=true';
> 2) Copy the properties conglomerate (c10.dat) from the target database to a side location.
> 3) Now copy the vacuous c10.dat from dummydb into the seg0 directory of the target database.
> 4) Now connect to the target database with the following ij command and change anything
you want:
>      connect 'jdbc:derby:targetdb';
> 5) When you are done, copy c10.dat from the side location back into the seg0 directory
of the target database.
> I do not regard this as a new vulnerability. That is because once you have write access
to a Derby database directory, you have unlimited power to change and corrupt the database.
However, I am filing this JIRA so that we will have a name for this particular easy exploit.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message