You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2018/11/01 14:19:00 UTC
[jira] [Commented] (DERBY-6980) Documentation changes to accompany
jigsaw-modularization of derby
[ https://issues.apache.org/jira/browse/DERBY-6980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16671661#comment-16671661 ]
Rick Hillegas commented on DERBY-6980:
--------------------------------------
Attaching derby-6980-03-aa-securityPolicies.diff. This patch cleans up the documentation on security policies and brings it up to date with the security changes made by the modularization work on DERBY-6945. Also attaching derby-6980-03-aa-securityPolicies.tar, a tarball of the generated html. The best way to review these changes is to unpack the tarball and point your browser at index.html. This patch incorporates security policy templates which were generated by work on DERBY-3547. That work will be submitted for review soon.
The existing documentation on security policies has always confused me. The existing template and sample policies don't describe any real Derby configuration. They don't even describe a union of the Derby configurations. For instance, they don't provide any guidance on how to configure a security policy for a client application running on a remote machine.
Instead, this patch builds on the module diagrams and on the idea that Derby can be run in several different configurations, each of which needs its own template policy file.
This patch makes the following changes:
1) Clarifies the description of the privileges needed for import/export, backup/restore, and jar file loading, pointing out that the target directories should be in a branch of the file system controlled by the database owner or the user who booted the JVM.
2) Points out that system properties can be used to avoid having to customize the template policies.
3) Removes the confusing material about having to grant sysinfo privileges to all jar files. The work on DERBY-6945 isolated the sysinfo logic in the tools module so that the corresponding privileges only need to be granted to derbytools.jar.
4) Replaces the one-size-doesn't-fit-anyone template policy with separate template policies for the following important configurations: embedded engine, server, remote client, and local tools.
5) Replaces the customized policy file with a customized version of the server policy, arguably the most security-critical configuration.
Touches the following files:
{noformat}
--------------------------------
M src/security/csecjavasecurity.dita
Simplify the overview of security policies.
--------------------------------
A src/security/rsecbasicclient.dita
A src/security/rsecbasicengine.dita
A src/security/rsecbasicserver.dita
A src/security/rsecbasictools.dita
D src/security/rsecnetservbasic.dita
M src/security/secderby.ditamap
Replace the one-size-doesn't-fit-anyone template policy with separate
templates for the engine, server, client, and tools configurations.
--------------------------------
M src/security/rsecpolicysample.dita
Replace the example policy file with a customized server policy.
{noformat}
> Documentation changes to accompany jigsaw-modularization of derby
> -----------------------------------------------------------------
>
> Key: DERBY-6980
> URL: https://issues.apache.org/jira/browse/DERBY-6980
> Project: Derby
> Issue Type: Task
> Components: Documentation
> Affects Versions: 10.15.0.0
> Reporter: Rick Hillegas
> Assignee: Rick Hillegas
> Priority: Major
> Attachments: derby-6980-01-aa-moduleDiagramsInJavadoc.diff, derby-6980-02-aa-addOverviewPageToInternalJavadoc.diff, derby-6980-03-aa-securityPolicies.diff, derby-6980-03-aa-securityPolicies.tar
>
>
> This is a place to collect the documentation changes which must be made as a result of the work on DERBY-6945.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)