db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DERBY-6648) Application code should not be able to call ContextService.getContextOrNull()
Date Thu, 03 Jul 2014 18:56:34 GMT
Rick Hillegas created DERBY-6648:
------------------------------------

             Summary: Application code should not be able to call ContextService.getContextOrNull()
                 Key: DERBY-6648
                 URL: https://issues.apache.org/jira/browse/DERBY-6648
             Project: Derby
          Issue Type: Bug
          Components: Services
    Affects Versions: 10.11.0.0
            Reporter: Rick Hillegas


By calling ContextService.getContextOrNull() (and its relatives), application code can get
its hands on all sorts of internal Derby contexts, factories, and managers. This allows application
code to bypass SQL authorization checks and perform sensitive or data-corrupting actions.

For instance, right now an application can use this method to get its hands on the language
connection context. From the lcc, the application can get its hands on the data dictionary
and the execution transaction. Armed with those objects, the application can bypass authorization
checks and create schema objects, users, and permissions.

Only Derby code should be able to call this powerful method.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message