You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Daniel John Debrunner (JIRA)" <de...@db.apache.org> on 2005/08/02 21:33:35 UTC
[jira] Created: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
--------------------------------------------------------------------------------------------------------------------------
Key: DERBY-485
URL: http://issues.apache.org/jira/browse/DERBY-485
Project: Derby
Type: Bug
Components: Security, SQL
Versions: 10.1.1.1, 10.2.0.0
Reporter: Daniel John Debrunner
Assigned to: Daniel John Debrunner
Priority: Minor
In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Resolved: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Daniel John Debrunner (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Daniel John Debrunner resolved DERBY-485:
-----------------------------------------
Resolution: Fixed
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: SQL, Security
> Versions: 10.2.0.0, 10.1.1.1
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Deepa Remesh (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Deepa Remesh closed DERBY-485:
------------------------------
Resolution: Fixed
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: Security, SQL
> Versions: 10.1.2.0, 10.2.0.0
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0, 10.1.2.0, 10.1.1.1
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Reopened: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Deepa Remesh (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Deepa Remesh reopened DERBY-485:
--------------------------------
reopening to fix fix version
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: Security, SQL
> Versions: 10.1.2.0, 10.2.0.0
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0, 10.1.2.0, 10.1.1.1
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Daniel John Debrunner (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Daniel John Debrunner updated DERBY-485:
----------------------------------------
Fix Version: 10.2.0.0
Revision 230183 Catch SecurityExceptions and LinkageExceptions consistently when loading application
classes (e.g. procedures, functions) and report as a ClassNotFoundException with the text of
the underlying exception. Enhance the test lang/dcl.jar to have a signed jar file as a database
jar, a hacked version of the jar file and a jar file with an invalid class (for a LinkageError).
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: SQL, Security
> Versions: 10.2.0.0, 10.1.1.1
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Deepa Remesh (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Deepa Remesh updated DERBY-485:
-------------------------------
Fix Version: 10.1.1.1
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: Security, SQL
> Versions: 10.1.2.0, 10.2.0.0
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0, 10.1.2.0, 10.1.1.1
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-485) SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
Posted by "Daniel John Debrunner (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-485?page=all ]
Daniel John Debrunner updated DERBY-485:
----------------------------------------
Fix Version: 10.1.2.0
Also fixed in 10.1.2 as revision 290286 from trunk 230183
> SecurityException or LinkageException thrown during loading a class from a database jar incorrectly shuts the engine down.
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-485
> URL: http://issues.apache.org/jira/browse/DERBY-485
> Project: Derby
> Type: Bug
> Components: Security, SQL
> Versions: 10.1.2.0, 10.2.0.0
> Reporter: Daniel John Debrunner
> Assignee: Daniel John Debrunner
> Priority: Minor
> Fix For: 10.2.0.0, 10.1.2.0
>
> In addiing test cases to lang/dcl.test for signed jar files stored in the database I found that if a jar is installed with a tampered class the resulting SecurityException shuts Derby down. Most likely the same would be true for an invalid class hacked into the jar.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira