You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2014/08/22 14:54:11 UTC
[jira] [Commented] (DERBY-6631) FileMonitor can be used to elevate
an application's privileges
[ https://issues.apache.org/jira/browse/DERBY-6631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14106802#comment-14106802 ]
Knut Anders Hatlen commented on DERBY-6631:
-------------------------------------------
getJVMProperty() limits the privileged access to properties whose names start with "derby.". So at least it doesn't allow you to read an arbitrary system property with Derby's privileges. Note also that this helper method is also used (indirectly via PropertyUtil) by the network server in order to read Derby properties (the default server policy does not grant read permission on derby.* properties to derbynet.jar).
> FileMonitor can be used to elevate an application's privileges
> --------------------------------------------------------------
>
> Key: DERBY-6631
> URL: https://issues.apache.org/jira/browse/DERBY-6631
> Project: Derby
> Issue Type: Bug
> Components: Services
> Affects Versions: 10.11.1.1
> Reporter: Rick Hillegas
>
> Various vulnerabilities in FileMonitor allow applications to perform security-sensitive operations with the elevated privileges granted to Derby:
> getDaemonThread() - The application can call this method in order to create threads, using Derby's elevated privileges.
> getJVMProperty() - The application can call this in order to read system properties using Derby's elevated privileges.
> setThreadPriority() - The application can call this method to change the priority of a daemon thread it has created. This call will execute with Derby's elevated privileges.
--
This message was sent by Atlassian JIRA
(v6.2#6252)