db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Knut Anders Hatlen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-6631) FileMonitor can be used to elevate an application's privileges
Date Mon, 25 Aug 2014 12:22:58 GMT

     [ https://issues.apache.org/jira/browse/DERBY-6631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Knut Anders Hatlen updated DERBY-6631:

    Attachment: d6631-1b-setThreadPriority.diff

Attaching [^d6631-1b-setThreadPriority.diff] which adjusts the approach in the 1a patch. The
call to Thread.setPriority() is moved out of FileMonitor, since one doesn't really need the
monitor to set the priority. The only thing the monitor was needed for, was to check if the
thread was originally created by FileMonitor's getDaemonThread() method. A new method (isDaemonThread(Thread))
is added to provide that functionality. That method does not perform any privileged operations,
so it should be safe to keep it as a public method.

> FileMonitor can be used to elevate an application's privileges
> --------------------------------------------------------------
>                 Key: DERBY-6631
>                 URL: https://issues.apache.org/jira/browse/DERBY-6631
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions:
>            Reporter: Rick Hillegas
>         Attachments: d6631-1a-setThreadPriority.diff, d6631-1b-setThreadPriority.diff
> Various vulnerabilities in FileMonitor allow applications to perform security-sensitive
operations with the elevated privileges granted to Derby:
> getDaemonThread() - The application can call this method in order to create threads,
using Derby's elevated privileges.
> getJVMProperty() -  The application can call this in order to read system properties
using Derby's elevated privileges.
> setThreadPriority() - The application can call this method to change the priority of
a daemon thread it has created. This call will execute with Derby's elevated privileges.

This message was sent by Atlassian JIRA

View raw message