db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Knut Anders Hatlen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-3476) Permissions and Principal objects added by this feature need to be final and have serialization identifiers
Date Mon, 07 Jul 2014 14:34:34 GMT

     [ https://issues.apache.org/jira/browse/DERBY-3476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Knut Anders Hatlen updated DERBY-3476:
--------------------------------------

    Attachment: d3476-1a-system-permission.diff

The patch [^d3476-1a-system-permission.diff] makes the following changes:

- Add a readObject() method to the SystemPermission class which performs validation of name
and actions when deserializing a SystemPermission object. (It performs the same checks as
in the constructor.)

- Add a test case that verifies that deserialization will raise exceptions when invalid SystemPermission
objects are read from a stream.

- Add test cases that verify that the SystemPermission, DatabasePermission and SystemPrincipal
classes are declared final.

All regression tests ran cleanly with the patch.

> Permissions and Principal objects added by this feature need to be final and have serialization
identifiers
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3476
>                 URL: https://issues.apache.org/jira/browse/DERBY-3476
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Services
>            Reporter: Daniel John Debrunner
>         Attachments: d3476-1a-system-permission.diff
>
>
> Need serialization id to ensure the class is portable across releases.
> Need final to provide security.
> (assumes patch10 is committed from DERBY-2109)



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message