db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-6617) Silently swallowed SecurityExceptions may disable Derby features, including security features.
Date Mon, 14 Jul 2014 13:22:05 GMT

    [ https://issues.apache.org/jira/browse/DERBY-6617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14060625#comment-14060625
] 

Rick Hillegas commented on DERBY-6617:
--------------------------------------

Here is the new heisenbug I saw in this test:

{noformat}
There was 1 failure:
1) testMissingFilePermission(org.apache.derbyTesting.unitTests.junit.MissingPermissionsTest)junit.framework.AssertionFailedError:
subprocess run failed: :Spawned MPT exitCode=143
STDERR:
java.security.policy: error adding Entry:
	java.net.MalformedURLException: no protocol: null
The file or directory system/nested could not be created due to a security exception: java.security.AccessControlException:
access denied (java.io.FilePermission system/nested write).
                
The file or directory system/nested could not be created due to a security exception: java.security.AccessControlException:
access denied (java.io.FilePermission system/nested write).
                
The file or directory system/nested could not be created due to a security exception: java.security.AccessControlException:
access denied (java.io.FilePermission system/nested write).
                

STDOUT:
java.lang.NullPointerException
	at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:147)
	at java.sql.DriverManager.getConnection(DriverManager.java:582)
	at java.sql.DriverManager.getConnection(DriverManager.java:154)
	at org.apache.derby.impl.tools.ij.ConnectionEnv.installConnection(ConnectionEnv.java:213)
	at org.apache.derby.impl.tools.ij.ConnectionEnv.init(ConnectionEnv.java:82)
	at org.apache.derby.impl.tools.ij.utilMain.initFromEnvironment(utilMain.java:179)
	at org.apache.derby.impl.tools.ij.Main.<init>(Main.java:244)
	at org.apache.derby.impl.tools.ij.Main.getMain(Main.java:196)
	at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:181)
	at org.apache.derby.impl.tools.ij.Main.main(Main.java:75)
	at org.apache.derby.tools.ij.main(ij.java:59)
ij version 10.11
ij> 
	at org.apache.derbyTesting.unitTests.junit.MissingPermissionsTest.testMissingFilePermission(MissingPermissionsTest.java:226)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at org.apache.derbyTesting.junit.BaseTestCase.runBare(BaseTestCase.java:118)
	at org.apache.derbyTesting.junit.BaseJDBCTestCase.runBareOverridable(BaseJDBCTestCase.java:440)
	at org.apache.derbyTesting.junit.BaseJDBCTestCase.runBare(BaseJDBCTestCase.java:457)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)
	at org.apache.derbyTesting.junit.BaseTestSetup.run(BaseTestSetup.java:57)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)
	at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
	at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
	at junit.extensions.TestSetup.run(TestSetup.java:25)

FAILURES!!!
Tests run: 3,  Failures: 1,  Errors: 0
{noformat}

I am inclined to disable this test until it can be stabilized. I don't think that this test
should further delay the creation of a 10.11.1 release candidate.

Other thoughts?

Thanks,
-Rick

> Silently swallowed SecurityExceptions may disable Derby features, including security
features.
> ----------------------------------------------------------------------------------------------
>
>                 Key: DERBY-6617
>                 URL: https://issues.apache.org/jira/browse/DERBY-6617
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.11.0.0
>            Reporter: Rick Hillegas
>            Assignee: Dag H. Wanvik
>         Attachments: derby-6617-04-aa-platformSpecificErrorText.diff, derby-6617-1.diff,
derby-6617-2.diff, derby-6617-2.status, derby-6617-3.diff, derby-6617-3.status, derby-6617-junit.diff,
fix-test.diff
>
>
> When the Monitor tries to read Derby properties, it silently swallows SecurityExceptions.
This means that the properties will be silently ignored if Derby has not been granted sufficient
privileges. This means that if you make a mistake crafting your security policy, then you
may disable authentication and authorization. You may not realize this until you have incurred
a security breach. This swallowing occurs at the following code locations:
> {noformat}
> org.apache.derby.impl.services.monitor.BaseMonitor readApplicationProperties Catch java.lang.SecurityException
1 line 1360
> org.apache.derby.impl.services.monitor.BaseMonitor runWithState Catch java.lang.SecurityException
0 line 280
> org.apache.derby.impl.services.monitor.FileMonitor PBgetJVMProperty Catch java.lang.SecurityException
1 line 183
> org.apache.derby.impl.services.monitor.FileMonitor PBinitialize Catch java.lang.SecurityException
1 line 120
> {noformat}
> SecurityExceptions are swallowed at other locations in the Monitor. The implications
of these swallowings should be understood and, at a minimum, security problems should be fixed:
> {noformat}
> org.apache.derby.impl.services.monitor.FileMonitor PBinitialize Catch java.lang.SecurityException
1 line 157
> org.apache.derby.impl.services.monitor.FileMonitor createDaemonGroup Catch java.lang.SecurityException
1 line 89
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message