You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2014/09/29 17:51:34 UTC

[jira] [Commented] (DERBY-6632) Applications may be able to use StorageFactoryService to delete Derby databases and overwrite service.properties.

    [ https://issues.apache.org/jira/browse/DERBY-6632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14151826#comment-14151826 ] 

Rick Hillegas commented on DERBY-6632:
--------------------------------------

StorageFactoryService is package private. The only way to get your hands on a StorageFactoryService is through BaseMonitor. The only way to get your hands on a Monitor is via code paths which derby-6648 protected with the usederbyinternals permission. I think this issue can be closed now.

> Applications may be able to use StorageFactoryService to delete Derby databases and overwrite service.properties.
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-6632
>                 URL: https://issues.apache.org/jira/browse/DERBY-6632
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.11.1.1
>            Reporter: Rick Hillegas
>
> Various powerful methods in StorageFactoryService are public. I have not verified the following with an experiment, but it appears to me that these methods give any code running in the JVM the ability to elevate privileges to those granted to Derby and do the following:
> 1) Delete Derby databases via the following methods:
> {noformat}
> org.apache.derby.impl.services.monitor.StorageFactoryService createServiceRoot()
> org.apache.derby.impl.services.monitor.StorageFactoryService getServiceProperties()
> org.apache.derby.impl.services.monitor.StorageFactoryService getStorageFactoryInstance()
> org.apache.derby.impl.services.monitor.StorageFactoryService removeServiceRoot()
> {noformat}
> 2) Overwrite service.properties via overloads of the following method:
> {noformat}
> org.apache.derby.impl.services.monitor.StorageFactoryService createServiceRoot()
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)