You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Mamta A. Satoor (JIRA)" <ji...@apache.org> on 2013/07/18 19:38:50 UTC

[jira] [Updated] (DERBY-560) Provide finer grained security for connection attributes in Derby

     [ https://issues.apache.org/jira/browse/DERBY-560?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mamta A. Satoor updated DERBY-560:
----------------------------------

    Urgency: Low
     Labels: derby_triage10_11  (was: )
    
> Provide finer grained security for connection attributes in Derby
> -----------------------------------------------------------------
>
>                 Key: DERBY-560
>                 URL: https://issues.apache.org/jira/browse/DERBY-560
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC
>    Affects Versions: 10.2.1.6
>            Reporter: Kathey Marsden
>              Labels: derby_triage10_11
>
> Currently if authentication is enabled in Derby,  anyone who has access to a database can connect with any attributes.  This makes sense as that is currently the only barrier to access to  a Derby database.
> With talk of adding GRANT/REVOKE to provide finer grained access, consideration should be given to also providing finer grained access to connection attributes, especially for Network Server.  Giving any user that can access the system permission to shutdown and create databases at will could be an issue.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira