You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2014/09/29 15:01:34 UTC
[jira] [Commented] (DERBY-6631) FileMonitor can be used to elevate
an application's privileges
[ https://issues.apache.org/jira/browse/DERBY-6631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14151652#comment-14151652 ]
Rick Hillegas commented on DERBY-6631:
--------------------------------------
The only way to get your hands on a FileMonitor is to call Monitor.getMonitor() or Monitor.getMonitorLite(). Those methods now require usederbyinternals permission as a result of the work done on DERBY-6648. All callers of those methods are wrapped by doPrivileged() blocks now. I believe these vulnerabilities have been addressed.
> FileMonitor can be used to elevate an application's privileges
> --------------------------------------------------------------
>
> Key: DERBY-6631
> URL: https://issues.apache.org/jira/browse/DERBY-6631
> Project: Derby
> Issue Type: Bug
> Components: Services
> Affects Versions: 10.11.1.1
> Reporter: Rick Hillegas
> Fix For: 10.12.0.0
>
> Attachments: d6631-1a-setThreadPriority.diff, d6631-1b-setThreadPriority.diff
>
>
> Various vulnerabilities in FileMonitor allow applications to perform security-sensitive operations with the elevated privileges granted to Derby:
> getDaemonThread() - The application can call this method in order to create threads, using Derby's elevated privileges.
> getJVMProperty() - The application can call this in order to read system properties using Derby's elevated privileges.
> setThreadPriority() - The application can call this method to change the priority of a daemon thread it has created. This call will execute with Derby's elevated privileges.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)