db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <Richard.Hille...@Sun.COM>
Subject Naming the next Derby feature release
Date Thu, 01 Mar 2007 20:04:26 GMT
Dear Derby users,

The next feature release of Derby will close some security holes:

1) When authentication is turned on, only the owner of a database will 
be allowed to shut it down, encrypt it, and hard-upgrade it.

2) When you boot the network server as the VM's entry point, the server 
will attempt to install a security manager if you neglected to install 
one yourself.

These changes create some incompatibilities with the behavior of Derby 
10.2. The incompatibilities are described at the end of the 10.3 release 
page: http://wiki.apache.org/db-derby/DerbyTenThreeRelease These 
incompatibilities will particularly affect the following users:

I) Those who forcibly shutdown the database while running with 
authentication turned ON.

2) Those who boot the network server with authentication turned OFF.

The Release Notes for the next feature release will document these 
incompatibilities and their workarounds.  Users may have to modify their 
applications after upgrading to the next feature release. We don't know 
how many users will be affected. However, it is likely that these 
incompatibilities will affect more users than the incompatibilities 
between release 10.1 and 10.2. Some people wonder whether the Release 
Notes, by themselves, will provide enough warning to the affected users. 
It has been suggested that:

i) we would successfully warn more users if we named the release 11.0 
rather than 10.3

And it has been countered that:

ii) calling this release 11.0 will discourage adoption of what is 
basically a great, safe release

We wonder what the user community thinks. In particular:

A) Would calling this release 11.0 make it less likely that you would be 
blindsided by these incompatibilities?

B) Would calling this release 11.0 make it less likely that you would 
install this release?

Please let us know what you think.


View raw message