You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Kristian Waagan (JIRA)" <ji...@apache.org> on 2008/08/06 14:06:46 UTC

[jira] Updated: (DERBY-2556) Code paths for db restore do not use doPrivileged-calls, causing SecurityException

     [ https://issues.apache.org/jira/browse/DERBY-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kristian Waagan updated DERBY-2556:
-----------------------------------

    Attachment: derby-2556-5a-reworked_fix.stat
                derby-2556-5a-reworked_fix.diff

Patch 5a removes the utility class and duplicates the required code in a few places.
I decided not to write separate classes for the various Privileged[Exception]Actions, because they are all so simple.
It would be nice if someone could look at the permission changes I did.

Running suites.All/derbyall.
Patch ready for review.

> Code paths for db restore do not use doPrivileged-calls, causing SecurityException
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-2556
>                 URL: https://issues.apache.org/jira/browse/DERBY-2556
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.2.2.0, 10.3.1.4
>         Environment: Derby running with a security manager.
>            Reporter: Kristian Waagan
>            Assignee: Kristian Waagan
>             Fix For: 10.3.1.4
>
>         Attachments: derby-2556-2a_whitespace-javadoc.diff, derby-2556-3a_alternative-patch.diff, derby-2556-3a_alternative-patch.stat, derby-2556-4a_alternative-patch.diff, derby-2556-4a_alternative-patch.stat, derby-2556-5a-reworked_fix.diff, derby-2556-5a-reworked_fix.stat, derby-2556_diff.txt, derby-2556_stat.txt
>
>
> When using 'createFrom' or 'restoreFrom' in the JDBC url to restore a database from a backup image, a SecurityException is thrown even though the policyfile for codebase derby.jar is correctly configured (giving Derby access to the backup image).
> A few comments on this issue can be found here (and in subsequent comments): https://issues.apache.org/jira/browse/DERBY-1001#action_12439811
> A workaround is wrapping the connection call in doPrivileged at the "application-level code", or granting the required permissions to the application codebase as well.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.