db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dag H. Wanvik (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5442) Create documentation for restrictive file permissions feature
Date Wed, 11 Apr 2012 21:45:18 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13251953#comment-13251953

Dag H. Wanvik commented on DERBY-5442:

Patch comment:

* Refman topic

> derby.storage.useDefaultFilePermissions
> Function
> If you run with Java SE 7, and if you start the Derby Network Server
> from the command line, access to databases and to other Derby files is
> by default restricted to the operating system account that started the
> Network Server. File access is not restricted for embedded databases
> or for databases managed by servers that are started programmatically
> inside application code using the Derby API.

"If you run with Java SE 7" -> "If you run with Java SE 7 or newer"

I'd say "database files and other files created by Derby",
i.e. derby.properties is a Derby file but not created by Derby and its
access will not be modified.

As for the logic here, I wonder if we should describe this in another
way to make it less confusing, maybe a matrix? 
(sorry it doesn't look good in here but you get the idea :-)

File access determined by:

E: access controlled entirely by OS environment of JVM, e.g. effective Unix umask or Window
default permissions
R: Derby restricts access to the operating system account that started the JVM

<= Java 6
           |Server from cmd line | Server programmatically started or embedded
           |        E            |      E
>= Java 7
           |Server from cmd line | Server programmatically started or embedded
           |                     |
No property|        R            |      E
specified  |                     |
           |                     |
true       |        E            |      E
           |                     |
false      |        R            |      R
           |                     |

* Admin guide topic: "Controlling database file access" 

Sentence two:

"This means that by default, other operating system accounts will have
no access to directories or files created by Derby. This behavior
enhances security for server-managed databases."

is perhaps not specific enough: "by default" here refers to the case
where the server is started from the command line only.

Maybe we should include a matrix here to?

> Create documentation for restrictive file permissions feature
> -------------------------------------------------------------
>                 Key: DERBY-5442
>                 URL: https://issues.apache.org/jira/browse/DERBY-5442
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Documentation
>            Reporter: Dag H. Wanvik
>            Assignee: Kim Haase
>             Fix For:
>         Attachments: DERBY-5442.diff, DERBY-5442.stat, DERBY-5442.zip

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message