Posted to derby-commits@db.apache.org by rh...@apache.org on 2018/11/04 14:44:41 UTC
svn commit: r1845742 - in /db/derby/code/trunk: ./
java/build/org/apache/derbyBuild/
java/org.apache.derby.engine/org/apache/derby/security/
java/org.apache.derby.server/
java/org.apache.derby.server/org/apache/derby/drda/
java/org.apache.derby.tests/o...
Author: rhillegas
Date: Sun Nov 4 14:44:41 2018
New Revision: 1845742
URL: http://svn.apache.org/viewvc?rev=1845742&view=rev
Log:
DERBY-3547: Generate server.policy, derby_tests.policy, and DITA policy templates from descriptors which express policies as deltas from one another; commit derby-3547-01-ab-policyGenerator.diff.
Added:
db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java (with props)
db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties (with props)
db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd (with props)
db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml (with props)
db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties (with props)
db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties (with props)
Removed:
db/derby/code/trunk/java/org.apache.derby.server/org/apache/derby/drda/server.policy
db/derby/code/trunk/java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/util/derby_tests.policy
Modified:
db/derby/code/trunk/build.xml
db/derby/code/trunk/java/build/org/apache/derbyBuild/MessageBuilder.java
db/derby/code/trunk/java/org.apache.derby.server/build.xml
Modified: db/derby/code/trunk/build.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/build.xml?rev=1845742&r1=1845741&r2=1845742&view=diff
==============================================================================
--- db/derby/code/trunk/build.xml (original)
+++ db/derby/code/trunk/build.xml Sun Nov 4 14:44:41 2018
@@ -58,7 +58,7 @@
<target
name="buildsource"
- depends="checkCompilerLevel,init,prebuild,setCompilerProperties,felixStubs,shared,client,engine,storeless,tools,drda,optional,runner,build,versioninfo,localeinfo,binscripts"
+ depends="checkCompilerLevel,init,prebuild,setCompilerProperties,felixStubs,shared,client,engine,storeless,tools,drda,optional,runner,build,versioninfo,localeinfo,binscripts,generateSecurityPolicies"
description="Compile the product source (does not build the tests)."
/>
<target
@@ -67,6 +67,25 @@
description="Compile all of the source, including tests as well as production code."
/>
+ <!-- Generate security policies and corresponding documentation -->
+ <!-- <target name="buildPolicyFiles" unless="messagesUpToDate" -->
+ <target
+ name="generateSecurityPolicies"
+ description="Build security policies."
+ >
+
+ <taskdef
+ name="generatePolicies"
+ classname="org.apache.derbyBuild.SecurityPolicyGenerator"
+ classpath="${out.build.dir}"
+ />
+
+ <generatePolicies
+ baseDirectory="${basedir}"
+ />
+
+ </target>
+
<!-- ==================================================================== -->
<!-- Initialize targets -->
<!-- ==================================================================== -->
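Review bot: The `generateSecurityPolicies` target declares no `depends`, so its `<taskdef>` resolves only when `org.apache.derbyBuild.SecurityPolicyGenerator` has already been compiled into `${out.build.dir}`. That holds when the target runs at the end of `buildsource`, but invoking it on its own in a clean tree would presumably fail with a class-not-found error. Declaring the prerequisite on the target itself, e.g. `depends="build"` if that is the target that compiles the derbyBuild classes, makes the ordering explicit. The commented-out `<target name="buildPolicyFiles" unless="messagesUpToDate"` line is a leftover and should be dropped or replaced by a real up-to-date check.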
@@ -1898,6 +1917,39 @@
</target>
+ <!-- Checkin the generated security policy documentation to the docs client -->
+ <target name="copy-security-policy-docs">
+
+ <property name="sec.dir" value="${docs.root}/src/security"/>
+ <property name="gen.dita.dir" value="${generated.src.engine.dir}/${derby.dir}/security"/>
+
+ <copy todir="${sec.dir}">
+ <fileset dir="${gen.dita.dir}" includes="*.dita"/>
+ </copy>
+
+ <antcall target="checkinfile">
+ <param name="checkinComment" value="Check in rsecbasicclient.dita as part of building a release."/>
+ <param name="fileName" value="${sec.dir}/rsecbasicclient.dita"/>
+ </antcall>
+ <antcall target="checkinfile">
+ <param name="checkinComment" value="Check in rsecbasicengine.dita as part of building a release."/>
+ <param name="fileName" value="${sec.dir}/rsecbasicengine.dita"/>
+ </antcall>
+ <antcall target="checkinfile">
+ <param name="checkinComment" value="Check in rsecbasicserver.dita as part of building a release."/>
+ <param name="fileName" value="${sec.dir}/rsecbasicserver.dita"/>
+ </antcall>
+ <antcall target="checkinfile">
+ <param name="checkinComment" value="Check in rsecbasictools.dita as part of building a release."/>
+ <param name="fileName" value="${sec.dir}/rsecbasictools.dita"/>
+ </antcall>
+ <antcall target="checkinfile">
+ <param name="checkinComment" value="Check in rsecpolicysample.dita as part of building a release."/>
+ <param name="fileName" value="${sec.dir}/rsecpolicysample.dita"/>
+ </antcall>
+
+ </target>
+
<!-- Build the NOTICE file and check it in -->
<target name="buildnotice">
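Review bot: The five `checkinfile` calls hard-code the DITA file names, while the `<copy>` above them takes `*.dita`, so a policy page added to the descriptors later would be copied into `${sec.dir}` but never checked in. A comment on the target such as `<!-- Keep this list in sync with the <output> files declared in securityPolicies.xml -->` would make the coupling visible; that the names come from that descriptor is inferred, since it is not shown here.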
@@ -2927,6 +2979,9 @@ you should not have to do this.
<!-- copy the generated sqlstate tables to the docs client and check it in -->
<antcall target="copyerrordocs"/>
+ <!-- copy the generated policy file documentation to the docs client and check it in -->
+ <antcall target="copy-security-policy-docs"/>
+
<!-- sync the clients to guarantee that we are up-to-date -->
<antcall target="updatesvnclients"/>
Modified: db/derby/code/trunk/java/build/org/apache/derbyBuild/MessageBuilder.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/build/org/apache/derbyBuild/MessageBuilder.java?rev=1845742&r1=1845741&r2=1845742&view=diff
==============================================================================
--- db/derby/code/trunk/java/build/org/apache/derbyBuild/MessageBuilder.java (original)
+++ db/derby/code/trunk/java/build/org/apache/derbyBuild/MessageBuilder.java Sun Nov 4 14:44:41 2018
@@ -80,13 +80,12 @@ public class MessageBuilder extends Task
"#\n" +
"###################################################\n";
- private static final String REF_GUIDE_BOILERPLATE =
+ public static final String REF_GUIDE_BOILERPLATE =
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
"<!DOCTYPE reference PUBLIC \"-//OASIS//DTD DITA Reference//EN\"\n" +
" \"../dtd/reference.dtd\">\n";
- private static final String REF_GUIDE_NOTES =
- "<!-- \n" +
+ public static final String APACHE_LICENSE =
"Licensed to the Apache Software Foundation (ASF) under one or more\n" +
"contributor license agreements. See the NOTICE file distributed with\n" +
"this work for additional information regarding copyright ownership.\n" +
@@ -100,7 +99,11 @@ public class MessageBuilder extends Task
"distributed under the License is distributed on an \"AS IS\" BASIS, \n" +
"WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. \n" +
"See the License for the specific language governing permissions and \n" +
- "limitations under the License.\n" +
+ "limitations under the License.\n";
+
+ private static final String REF_GUIDE_NOTES =
+ "<!-- \n" +
+ APACHE_LICENSE +
"-->\n" +
"\n" +
"<!-- \n" +
@@ -127,7 +130,7 @@ public class MessageBuilder extends Task
/**
* <p>
- * XML-wrigint wrapper around a PrintWriter.
+ * XML-writing wrapper around a PrintWriter.
* </p>
*/
public static final class XMLWriter
@@ -135,7 +138,6 @@ public class MessageBuilder extends Task
// If this boolean is set, then all operations are NOPs.
private boolean _vacuous;
- private FileWriter _fw;
private PrintWriter _pw;
private ArrayList<String> _tagStack;
@@ -149,7 +151,19 @@ public class MessageBuilder extends Task
public XMLWriter()
{
_vacuous = true;
- }
+ }
+
+ /**
+ * <p>
+ * Construct from a PrintWriter.
+ * </p>
+ */
+ public XMLWriter(PrintWriter printWriter)
+ {
+ _vacuous = false;
+ _pw = printWriter;
+ _tagStack = new ArrayList<String>();
+ }
/**
* <p>
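Review bot: The Javadoc on `XMLWriter(PrintWriter printWriter)` should say who owns the writer, because `close()` calls `_pw.close()` and therefore closes the stream the caller passed in. I would extend it to something like `Construct from a PrintWriter. Calling close() on this XMLWriter also closes the supplied writer.` `Policy.print` in SecurityPolicyGenerator only calls `flush()` on the wrapper and leaves closing to its own try-with-resources, so it depends on exactly this distinction.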
@@ -159,10 +173,7 @@ public class MessageBuilder extends Task
public XMLWriter( File file )
throws IOException
{
- _vacuous = false;
- _fw = new FileWriter( file );
- _pw = new PrintWriter( _fw );
- _tagStack = new ArrayList<String>();
+ this(new PrintWriter(file));
}
public void flush() throws IOException
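Review bot: `new PrintWriter(file)` encodes with the platform default charset, while the boilerplate this writer emits declares `encoding="utf-8"` (REF_GUIDE_BOILERPLATE), so on a build machine with a non-UTF-8 default any non-ASCII text yields a file whose bytes contradict its XML declaration. The removed FileWriter had the same default, so this is not new, but the rewrite is the cheap moment to fix it: `this(new PrintWriter(file, "UTF-8"));`. With `_fw` gone, `flush()` and `close()` in the two following hunks still declare `throws IOException` but can no longer throw, because PrintWriter records write errors instead of raising them. Adding `if (_pw.checkError()) { throw new IOException("write failed"); }` to `close()` would keep a failed write of a generated file from passing silently.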
@@ -170,7 +181,6 @@ public class MessageBuilder extends Task
if ( _vacuous ) { return; }
_pw.flush();
- _fw.flush();
}
public void close() throws IOException
@@ -178,7 +188,6 @@ public class MessageBuilder extends Task
if ( _vacuous ) { return; }
_pw.close();
- _fw.close();
}
/**
@@ -731,7 +740,7 @@ public class MessageBuilder extends Task
//
////////////////////////////////////////////////////////
- private Element getFirstChild( Element node, String childName )
+ public static Element getFirstChild( Element node, String childName )
throws Exception
{
return (Element) node.getElementsByTagName( childName ).item( 0 );
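Review bot: Now that `getFirstChild` is public and static it needs a Javadoc stating what it really returns: `getElementsByTagName` matches descendants at any depth, not only direct children, and `item( 0 )` is null when nothing matches. The new callers in SecurityPolicyGenerator depend on both facts: `getLoneText(policyElement, "name")` would presumably pick up a nested jar's `<name>` if the policy's own were missing, and `parseDoc` passes a possibly-null result straight into `squeezeText`. Suggested comment: `Returns the first descendant element named childName in document order, or null if there is none.` The `throws Exception` clause is also wider than anything the visible body can raise.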
@@ -742,7 +751,7 @@ public class MessageBuilder extends Task
* Squeeze the text out of an Element.
* </p>
*/
- private String squeezeText( Element node )
+ public static String squeezeText( Element node )
throws Exception
{
Node textChild = node.getFirstChild();
Added: db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java (added)
+++ db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java Sun Nov 4 14:44:41 2018
@@ -0,0 +1,777 @@
+/*
+
+ Derby - Class org.apache.derbyBuild.SecurityPolicyGenerator
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ */
+
+package org.apache.derbyBuild;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.text.MessageFormat;
+import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Properties;
+import javax.xml.parsers.*;
+import org.w3c.dom.*;
+
+import org.apache.tools.ant.BuildException;
+import org.apache.tools.ant.Project;
+import org.apache.tools.ant.Task;
+
+/**
+ * <p>
+ * This tool generates policy files as well as documentation for the Derby Security Guide.
+ * This tool consumes securityPolicies.xml and generates a number of policy
+ * files and DITA source files. Those files are written to the generated source tree
+ * and to the compiled classes tree. See securityPolicies.dtd for a description
+ * of the input XML grammar and its concepts.
+ * </p>
+ */
+public class SecurityPolicyGenerator extends Task
+{
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // CONSTANTS
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /** Descriptions of the security policies (relative to the base directory) */
+ private static final String SOURCE_DIR = "java/org.apache.derby.engine/org/apache/derby/security";
+ private static final String POLICY_DESCRIPTORS = "securityPolicies.xml";
+ private static final String PRODUCT_PROPERTIES = "securityProduct.properties";
+ private static final String TEST_PROPERTIES = "securityTests.properties";
+ private static final String DOC_EXAMPLE_PROPERTIES = "securityDocExample.properties";
+
+ private static final String PERMISSION = "permission ";
+ private static final String STATEMENT_END = ";";
+
+ private static final String TAB = " ";
+ private static final String COMMENT = "// ";
+ private static final String NEWLINE = "\n";
+
+ private static final String DO_NOT_EDIT =
+ "<!--\n" +
+ "\n" +
+ " DO NOT EDIT THIS FILE! THIS FILE IS GENERATED BY SecurityPolicyGenerator\n" +
+ " FROM POLICY DESCRIPTORS IN securityPolicy.xml.\n" +
+ "\n" +
+ "-->\n";
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // STATE
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /** Base directory of the user's Derby sandbox */
+ private File _baseDirectory;
+
+ private Properties _productProperties;
+ private Properties _testProperties;
+ private Properties _docExampleProperties;
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // CONSTRUCTORS
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /**
+ * <p>
+ * Let Ant conjure us out of thin air.
+ * </p>
+ */
+ public SecurityPolicyGenerator()
+ {}
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // Task BEHAVIOR
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /** <p>Let Ant set the base directory of the Derby sandbox.</p>*/
+ public void setBaseDirectory( String baseDirectory ) { _baseDirectory = new File(baseDirectory);}
+
+ /**
+ * <p>
+ * Read the policy descriptor file and generate policies for
+ * various Derby configurations. Also generate documentation on
+ * those policies.
+ * </p>
+ */
+ public void execute()
+ throws BuildException
+ {
+ try
+ {
+ _productProperties = loadProperties(PRODUCT_PROPERTIES);
+ _testProperties = loadProperties(TEST_PROPERTIES);
+ _docExampleProperties = loadProperties(DOC_EXAMPLE_PROPERTIES);
+
+ HashMap<String,Policy> policyMap = parsePolicies();
+
+ printPolicies(policyMap);
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ throw new BuildException( "Could not generate security policies: " + e.getMessage(), e );
+ }
+
+ }
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // LOAD THE DESCRIPTOR FILE AND PARSE IT INTO A LIST OF POLICIES
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ private HashMap<String,Policy> parsePolicies() throws Exception
+ {
+ HashMap<String,Policy> retval = new HashMap<String,Policy>();
+ String descriptorFileName = sourceFileName(POLICY_DESCRIPTORS);
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ Document doc = builder.parse(descriptorFileName);
+ Element root = doc.getDocumentElement(); // framing "policies" element
+ NodeList policies = root.getElementsByTagName("policy");
+
+ int policyCount = policies.getLength();
+ for (int idx = 0; idx < policyCount; idx++)
+ {
+ parsePolicy(retval, (Element) policies.item(idx));
+ }
+
+ return retval;
+ }
+
+ /** Parse a policy and add it to the evolving map of policies */
+ private void parsePolicy(HashMap<String,Policy> allPolicies, Element policyElement)
+ throws Exception
+ {
+ int indentLevel = 0;
+ String policyName = getLoneText(policyElement, "name");
+ Output output = parseOutput(policyElement);
+ Policy policy = new Policy(policyName, output, indentLevel);
+
+ allPolicies.put(policyName, policy);
+
+ // include parent policies
+ NodeList includeList = policyElement.getElementsByTagName("include");
+
+ if (includeList != null)
+ {
+ int includeCount = includeList.getLength();
+
+ for (int idx = 0; idx < includeCount; idx++)
+ {
+ String parentPolicyName = MessageBuilder.squeezeText((Element) includeList.item(idx));
+ Policy parentPolicy = allPolicies.get(parentPolicyName);
+
+ policy.include(parentPolicy);
+ }
+ }
+
+ // grant permissions to jars
+ NodeList jarList = policyElement.getElementsByTagName("jar");
+
+ if (jarList != null)
+ {
+ int jarCount = jarList.getLength();
+
+ for (int idx = 0; idx < jarCount; idx++)
+ {
+ Element jarElement = (Element) jarList.item(idx);
+
+ parseJar(policy, jarElement, indentLevel);
+ }
+ }
+ }
+
+ /** Parse the output descriptor */
+ private Output parseOutput(Element policyElement)
+ throws Exception
+ {
+ Element outputElement = MessageBuilder.getFirstChild(policyElement, "output");
+ if (outputElement == null) { return null; }
+
+ File outputFile = new File
+ (_baseDirectory.getAbsolutePath() + "/" + getLoneText(outputElement, "file"));
+
+ String propertiesName = getLoneText(outputElement, "properties");
+ Properties outputProperties = null;
+
+ switch(propertiesName)
+ {
+ case PRODUCT_PROPERTIES:
+ outputProperties = _productProperties;
+ break;
+
+ case TEST_PROPERTIES:
+ outputProperties = _testProperties;
+ break;
+
+ case DOC_EXAMPLE_PROPERTIES:
+ outputProperties = _docExampleProperties;
+ break;
+
+ default: throw new Exception("Unknown properties file name: " + propertiesName);
+ }
+
+ Doc doc = parseDoc(outputElement);
+
+ return new Output(outputFile, outputProperties, doc);
+ }
+
+ /** Parse optional documentation directives */
+ private Doc parseDoc(Element outputElement)
+ throws Exception
+ {
+ Element docElement = MessageBuilder.getFirstChild(outputElement, "doc");
+ if (docElement == null) { return null; }
+
+ String title =
+ MessageBuilder.squeezeText(MessageBuilder.getFirstChild(docElement, "title"));
+ String shortDesc =
+ MessageBuilder.squeezeText(MessageBuilder.getFirstChild(docElement, "shortDesc"));
+ String majorIndexTerm =
+ MessageBuilder.squeezeText(MessageBuilder.getFirstChild(docElement, "majorIndexTerm"));
+ String minorIndexTerm =
+ MessageBuilder.squeezeText(MessageBuilder.getFirstChild(docElement, "minorIndexTerm"));
+ String longDesc =
+ MessageBuilder.squeezeText(MessageBuilder.getFirstChild(docElement, "longDesc"));
+
+ return new Doc(title, shortDesc, majorIndexTerm, minorIndexTerm, longDesc);
+ }
+
+ /** Parse permission grants to a jar file */
+ private void parseJar(Policy policy, Element jarElement, int indentLevel)
+ throws Exception
+ {
+ String targetName = getLoneText(jarElement, "name");
+ GrantTarget grantTarget = policy.findGrantTarget(targetName);
+
+ if (grantTarget == null)
+ {
+ grantTarget = new GrantTarget(targetName, indentLevel);
+ policy.add(grantTarget);
+ }
+
+ // process blocks of permissions
+ NodeList blockList = jarElement.getElementsByTagName("block");
+
+ if (blockList != null)
+ {
+ int blockCount = blockList.getLength();
+
+ for (int idx = 0; idx < blockCount; idx++)
+ {
+ Element blockElement = (Element) blockList.item(idx);
+
+ parseBlock(grantTarget, blockElement, indentLevel + 1);
+ }
+ }
+ }
+
+ /** Parse a block of permissions */
+ private void parseBlock(GrantTarget grantTarget, Element blockElement, int indentLevel)
+ throws Exception
+ {
+ Element commentElement = MessageBuilder.getFirstChild(blockElement, "comment");
+ String comment = (commentElement == null) ? null : MessageBuilder.squeezeText(commentElement);
+ PermissionBlock block = new PermissionBlock(comment, indentLevel);
+
+ grantTarget.add(block);
+
+ // first process deleted permissions
+ NodeList deletionList = blockElement.getElementsByTagName("d");
+
+ if (deletionList != null)
+ {
+ int deletionCount = deletionList.getLength();
+
+ for (int idx = 0; idx < deletionCount; idx++)
+ {
+ Element deletionElement = (Element) deletionList.item(idx);
+ String deletedPermission = parsePermission(deletionElement);
+
+ grantTarget.deletePermission(deletedPermission);
+ }
+ }
+
+ // now process permission adds
+ NodeList addList = blockElement.getElementsByTagName("a");
+
+ if (addList != null)
+ {
+ int addCount = addList.getLength();
+
+ for (int idx = 0; idx < addCount; idx++)
+ {
+ Element addElement = (Element) addList.item(idx);
+ String addPermission = parsePermission(addElement);
+
+ block.add(addPermission);
+ }
+ }
+ }
+
+ /** Get the permission from a permission node */
+ private String parsePermission(Element permissionNode) throws Exception
+ {
+ String text = MessageBuilder.squeezeText(permissionNode);
+
+ return PERMISSION + text + STATEMENT_END;
+ }
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // PRINT THE POLICIES
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ private void printPolicies(HashMap<String,Policy> policyMap) throws Exception
+ {
+ for (Policy policy : policyMap.values())
+ {
+ // only print policies which have output instructions
+ Output output = policy.output;
+ if (output == null) { continue; }
+
+ File outputFile = output.file;
+ outputFile.getParentFile().mkdirs();
+
+ try (PrintWriter writer = new PrintWriter(outputFile))
+ {
+ policy.print(writer);
+ writer.flush();
+ }
+ }
+ }
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // GENERALLY USEFUL MINIONS
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /** Return the single text child element of the parent element */
+ private String getLoneText(Element parentElement, String childName)
+ throws Exception
+ {
+ Element firstElement = MessageBuilder.getFirstChild(parentElement, childName);
+ Node textChild = firstElement.getFirstChild();
+
+ if (textChild == null) { return ""; }
+ else { return textChild.getNodeValue(); }
+ }
+
+ /** Load a properties file */
+ private Properties loadProperties(String shortFileName) throws IOException
+ {
+ String fullFileName = sourceFileName(shortFileName);
+ FileInputStream is = new FileInputStream(fullFileName);
+ Properties retval = new Properties();
+
+ retval.load(is);
+
+ return retval;
+ }
+
+ /** Turn a short source file name into an absolute file name */
+ private String sourceFileName(String shortFileName)
+ {
+ return _baseDirectory.getAbsolutePath() + "/" + SOURCE_DIR + "/" + shortFileName;
+ }
+
+ /**
+ * <p>
+ * Print a comment.
+ * </p>
+ */
+ private static void printComment(PrintWriter writer, String comment, int indentLevel)
+ {
+ String tabAndComment = tab(indentLevel) + COMMENT;
+
+ // put comment markers at the beginning of every line
+ String prettyComment = tabAndComment + comment.replace(NEWLINE, NEWLINE + tabAndComment);
+
+ writer.println(prettyComment);
+ }
+
+ /**
+ * <p>
+ * Construct a tab level.
+ * </p>
+ */
+ private static String tab(int indentLevel)
+ {
+ StringBuilder buffer = new StringBuilder();
+ for (int idx = 0; idx < indentLevel; idx++) { buffer.append(TAB); }
+ return buffer.toString();
+ }
+
+ /**
+ * <p>
+ * Echo a message to the console.
+ * </p>
+ */
+ private void echo( String text )
+ {
+ log( text, Project.MSG_WARN );
+ }
+
+ /////////////////////////////////////////////////////////////////////////
+ //
+ // NESTED CLASSES
+ //
+ /////////////////////////////////////////////////////////////////////////
+
+ /** A block of permissions */
+ public static final class PermissionBlock extends ArrayList<String>
+ {
+ public final String comment;
+ public final int indentLevel;
+
+ public PermissionBlock(String comment, int indentLevel)
+ {
+ this.comment = comment;
+ this.indentLevel = indentLevel;
+ }
+
+ // print the permission block
+ public void print(PrintWriter writer, boolean forDocumentation) throws IOException
+ {
+ String tab = tab(indentLevel);
+ if (comment != null) { printComment(writer, comment, indentLevel); }
+
+ for (String permission : this)
+ {
+ // If this is for documentation, then replace angle brackets
+ // with xml entities.
+ if (forDocumentation)
+ {
+ permission = permission
+ .replace("<", "<")
+ .replace(">", ">")
+ ;
+ }
+
+ writer.print(tab);
+ writer.println(permission);
+ }
+ writer.println();
+ }
+
+ public PermissionBlock cloneMe()
+ {
+ PermissionBlock clone = new PermissionBlock(comment, indentLevel);
+ clone.addAll(this);
+
+ return clone;
+ }
+ }
+
+ /** A target (usually a jar file) which is granted permissions */
+ public static final class GrantTarget extends ArrayList<PermissionBlock>
+ {
+ public final String logicalName;
+ public final int indentLevel;
+
+ public GrantTarget(String logicalName, int indentLevel)
+ {
+ this.logicalName = logicalName;
+ this.indentLevel = indentLevel;
+ }
+
+ /** Delete a permission from all blocks */
+ public void deletePermission(String permission)
+ {
+ for (PermissionBlock block : this)
+ {
+ block.remove(permission);
+ }
+ }
+
+ // print the granted permissions
+ public void print
+ (
+ PrintWriter writer,
+ Properties outputProperties,
+ boolean forDocumentation
+ ) throws IOException
+ {
+ String tab = tab(indentLevel);
+ String actualName = outputProperties.getProperty(logicalName, logicalName);
+
+ writer.print(tab);
+ writer.print("grant");
+ if (actualName.length() > 0)
+ {
+ writer.print(" codeBase \"");
+ writer.print(actualName);
+ writer.println("\"");
+ }
+ else { writer.println(""); }
+
+ writer.print(tab);
+ writer.println("{");
+
+ for (PermissionBlock block : this)
+ {
+ block.print(writer, forDocumentation);
+ }
+
+ writer.print(tab);
+ writer.println("};");
+ writer.println();
+ }
+
+ public GrantTarget cloneMe()
+ {
+ GrantTarget clone = new GrantTarget(logicalName, indentLevel);
+
+ for (PermissionBlock block : this)
+ {
+ clone.add(block.cloneMe());
+ }
+
+ return clone;
+ }
+ }
+
+ /** A descriptor for documentation directives */
+ public static final class Doc
+ {
+ public final String title;
+ public final String shortDesc;
+ public final String majorIndexTerm;
+ public final String minorIndexTerm;
+ public final String longDesc;
+
+ public Doc
+ (
+ String title,
+ String shortDesc,
+ String majorIndexTerm,
+ String minorIndexTerm,
+ String longDesc
+ )
+ {
+ this.title = title;
+ this.shortDesc = shortDesc;
+ this.majorIndexTerm = majorIndexTerm;
+ this.minorIndexTerm = minorIndexTerm;
+ this.longDesc = longDesc;
+ }
+
+ // print the dita header
+ public void printDitaHeader(MessageBuilder.XMLWriter writer, String referenceID) throws IOException
+ {
+ writer.println(MessageBuilder.REF_GUIDE_BOILERPLATE);
+ writer.println("<!--");
+ writer.println(MessageBuilder.APACHE_LICENSE);
+ writer.println("-->");
+ writer.println(DO_NOT_EDIT);
+
+ writer.beginTag("reference", "id=\"" + referenceID + "\" xml:lang=\"en-us\"");
+ {
+ writer.writeTextElement("title", title);
+ writer.writeTextElement("shortdesc", shortDesc);
+
+ writer.beginTag("prolog");
+ {
+ writer.beginTag("metadata");
+ {
+ writer.beginTag("keywords");
+ {
+ writer.beginTag("indexterm");
+ {
+ writer.indent();
+ writer.println(majorIndexTerm);
+ writer.writeTextElement("indexterm", minorIndexTerm);
+ }
+ writer.endTag();
+ }
+ writer.endTag();
+ }
+ writer.endTag();
+ }
+ writer.endTag();
+
+ writer.beginTag("refbody");
+ {
+ writer.beginTag("section");
+ {
+ writer.writeTextElement("p", longDesc);
+
+ writer.beginTag("codeblock");
+ {
+ // caller fills in the codeblock, the bulk of the policy file
+ }
+ // terminated by printDitaFooter()
+ }
+ // terminated by printDitaFooter()
+ }
+ // terminated by printDitaFooter()
+ }
+ // terminated by printDitaFooter()
+ }
+
+ // print the dita header
+ public void printDitaFooter(MessageBuilder.XMLWriter writer) throws IOException
+ {
+ writer.endTag(); // end codeblock
+ writer.endTag(); // end section
+ writer.endTag(); // end refbody
+ writer.endTag(); // end reference
+ }
+ }
+
+ /** A descriptor for where to write the policy file */
+ public static final class Output
+ {
+ public final File file;
+ public final Properties properties;
+ public final Doc doc;
+
+ public Output(File file, Properties properties, Doc doc)
+ {
+ this.file = file;
+ this.properties = properties;
+ this.doc = doc;
+ }
+
+ /**
+ * The DITA reference id is the file stub.
+ */
+ public String ditaReferenceID()
+ {
+ String shortName = file.getName();
+ int dotIdx = shortName.lastIndexOf(".");
+
+ return shortName.substring(0, dotIdx);
+ }
+ }
+
+ /** A policy, consisting of GrantTargets */
+ public static final class Policy extends ArrayList<GrantTarget>
+ {
+ public final String name;
+ public final Output output;
+ public final int indentLevel;
+
+ public Policy(String name, Output output, int indentLevel)
+ {
+ this.name = name;
+ this.output = output;
+ this.indentLevel = indentLevel;
+ }
+
+ /** Include a parent policy */
+ public void include(Policy parent)
+ {
+ for (GrantTarget source : parent)
+ {
+ add(source.cloneMe());
+ }
+ }
+
+ /**
+ * Add a GrantTarget, merging into an existing target of the
+ * same name if it exists.
+ */
+ @Override
+ public boolean add(GrantTarget source)
+ {
+ GrantTarget destination = findGrantTarget(source.logicalName);
+
+ if (destination == null) { return super.add(source); }
+ else
+ {
+ return destination.addAll(source);
+ }
+ }
+
+ /** Find a GrantTarget */
+ public GrantTarget findGrantTarget(String targetName)
+ {
+ for (GrantTarget candidate : this)
+ {
+ if (targetName.equals(candidate.logicalName)) { return candidate; }
+ }
+
+ return null;
+ }
+
+ // print the policy file
+ public void print(PrintWriter writer) throws IOException
+ {
+ String tab = tab(indentLevel);
+ MessageBuilder.XMLWriter xmlWriter = null;
+ Doc doc = null;
+ boolean forDocumentation = false;
+
+ if (output != null)
+ {
+ doc = output.doc;
+ if (doc != null)
+ {
+ forDocumentation = true;
+
+ // Frame the Security Guide page with boilerplate
+ xmlWriter = new MessageBuilder.XMLWriter(writer);
+
+ doc.printDitaHeader(xmlWriter, output.ditaReferenceID());
+ }
+ }
+
+ //
+ // If we are printing a Security Guide page, then don't redundantly print
+ // the Apache license, which printDitaHeader() already wrote.
+ //
+ if (!forDocumentation)
+ {
+ printComment(writer, MessageBuilder.APACHE_LICENSE, indentLevel);
+ writer.println();
+ }
+
+ Properties outputProperties = (output == null) ? new Properties() : output.properties;
+
+ for (GrantTarget grantTarget : this)
+ {
+ grantTarget.print(writer, outputProperties, forDocumentation);
+ }
+ writer.println();
+
+ if (forDocumentation)
+ {
+ doc.printDitaFooter(xmlWriter);
+ xmlWriter.flush();
+ }
+ }
+ }
+
+}
+
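Review bot: In `GrantTarget.deletePermission`, `block.remove(permission)` discards its boolean result, so a `<d>` entry whose text does not exactly match an inherited permission (a typo or a whitespace difference) is silently ignored and the generated policy keeps a grant the descriptor author meant to revoke. Since the output includes the generated `server.policy`, I would fail the build when no block contained the permission, as in the fence below. That assumes the existing descriptors contain no deliberately tolerant deletes, which should be checked first. The same silent-failure pattern is in `parsePolicy`, where `allPolicies.get(parentPolicyName)` returns null for a misspelled or not-yet-defined `<include>` and `policy.include(parentPolicy)` then fails with a bare NullPointerException instead of naming the policy. Separately, `loadProperties` never closes its `FileInputStream`; `try (FileInputStream is = new FileInputStream(fullFileName)) { retval.load(is); }` fixes that in the style `printPolicies` already uses.

```java
// GrantTarget.deletePermission: a <d> that matches nothing is an error
public void deletePermission(String permission)
{
    boolean removed = false;

    for (PermissionBlock block : this)
    {
        if (block.remove(permission)) { removed = true; }
    }

    if (!removed)
    {
        throw new IllegalStateException
            ("Cannot delete a permission which was never granted to " + logicalName + ": " + permission);
    }
}

// … unchanged: rest of GrantTarget …

// parsePolicy, inside the <include> loop
Policy parentPolicy = allPolicies.get(parentPolicyName);
if (parentPolicy == null)
{
    throw new Exception
        ("Policy " + policyName + " includes unknown policy: " + parentPolicyName);
}
policy.include(parentPolicy);
```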
Propchange: db/derby/code/trunk/java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties (added)
+++ db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties Sun Nov 4 14:44:41 2018
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# These properties define the location of Derby jar files
+# in the Security Guide's example policy file. These values are substituted
+# into the grant targets in securityPolicies.xml.
+#
+
+# product jars
+
+derbyshared.jar=file:///Users/me/javadb/lib/derbyshared.jar
+derby.jar=file:///Users/me/javadb/lib/derby.jar
+derbytools.jar=file:///Users/me/javadb/lib/derbytools.jar
+derbynet.jar=file:///Users/me/javadb/lib/derbynet.jar
+derbyclient.jar=file:///Users/me/javadb/lib/derbyclient.jar
Propchange: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityDocExample.properties
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd (added)
+++ db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd Sun Nov 4 14:44:41 2018
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+<!--
+This is the grammar which defines the structure of securityPolicies.xml.
+That file, in turn, is the source code used to generate security policies
+for the following purposes:
+
+ * production usage
+ * testing
+ * pages in the Derby Security Guide
+
+Elements of the grammar have the following meanings:
+
+ * policies - Root element.
+ * policy - Describes a policy file.
+ * name - Internal handle, referenced by <include> elements
+ * include - (Optional) Other policies to include
+ * output - (Optional) Name of file to generate; properties for customizing the grant targets
+ * block - A block of permissions to add or delete
+ * comment - (Optional) comment to place before the permission block
+ * a - Permission to add
+ * d - Permission to delete
+
+This grammar supports the following concepts:
+
+o Policy - A policy is a list of jars with an optional
+ set of instructions for how to format and output the
+ policy. A policy may include other policies.
+ At a high level, a policy may be viewed as a set of deltas
+ from the parent policies which it includes.
+
+o Jar - A jar is a grant target. It is a list of permission blocks.
+ The target is specified as a logical name which the output
+ descriptor later maps to a physical jar file name.
+
+o Block - A permission block is a (possibly commented) list of
+ privileges, which are granted to the enclosing jar.
+ Permissions may be added. They may also be deleted
+ from corresponding permission blocks included
+ by the enclosing policy.
+
+o Output - An output descriptor specifies the file to which the policy
+ is written. By default, the file will be formatted as a
+ valid Java security policy. However, the descriptor may
+ specify that the output should be formatted as DITA source
+ XML, for inclusion in the Derby Security Guide.
+ An output descriptor references a set of properties
+ which are used to map logical jar file names to actual,
+ physical files located in the local file system.
+-->
+
+<!ELEMENT policies (policy+)>
+<!ELEMENT policy (name, include*, output?, jar*)>
+<!ELEMENT name (#PCDATA)>
+<!ELEMENT include (#PCDATA)>
+<!ELEMENT output (file, properties, doc?)>
+<!ELEMENT file (#PCDATA)>
+<!ELEMENT properties (#PCDATA)>
+<!ELEMENT doc (title, shortDesc, majorIndexTerm, minorIndexTerm, longDesc)>
+<!ELEMENT jar (name, block+)>
+<!ELEMENT block (comment?, a*, d*)>
+<!ELEMENT comment (#PCDATA)>
+<!ELEMENT a (#PCDATA)>
+<!ELEMENT d (#PCDATA)>
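Review bot: The `block` content model `(comment?, a*, d*)` only admits `<d>` after every `<a>`, but securityPolicies.xml in this same commit puts `<d>` first in the derbynet.jar "Tighten up the connection permissions" block and the derbytools.jar "Read all files under ${user.dir}" block, so the policy source does not validate against its own grammar. The `doc` model also names `title`, `shortDesc`, `majorIndexTerm`, `minorIndexTerm` and `longDesc`, none of which is declared in this DTD, and the XML's DOCTYPE names `messages` rather than `policies` as the root element. Presumably the generator parses without validation today; because this file is the source for the generated server.policy, it is worth making the grammar enforceable so that a misplaced or misspelled permission element fails the build rather than depending on how the generator treats unexpected elements. I would change the model to `<!ELEMENT block (comment?, (a | d)*)>` and add one `(#PCDATA)` declaration per `doc` child, e.g. `<!ELEMENT title (#PCDATA)>`.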
Propchange: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.dtd
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml (added)
+++ db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml Sun Nov 4 14:44:41 2018
@@ -0,0 +1,926 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE messages SYSTEM "securityPolicies.dtd">
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+
+<!--
+This file contains all of the permissions used by Derby policy files.
+
+For a description of the XML grammar used here, see securityPolicy.dtd.
+-->
+
+<policies>
+
+ <!--
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ !!
+ !! Production policies.
+ !!
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ -->
+
+ <!-- org.apache.derby.commons -->
+
+ <policy>
+ <name>basicCommons</name>
+
+ <jar>
+ <name>derbyshared.jar</name>
+
+ <block>
+ <comment>Needed to determine whether the JVM was booted with a module path.</comment>
+ <a>java.util.PropertyPermission "jdk.module.path", "read"</a>
+ </block>
+
+ <block>
+ <comment>Need in order to read message localizations from other derby jars
+when running with a module path.</comment>
+ <a>java.io.FilePermission "${derby.install.path}${/}-", "read"</a>
+ </block>
+
+ <block>
+ <comment>Gives permission for JMX to be used against Derby
+but only if JMX authentication is not being used.
+In that case the application would need to create
+a whole set of fine-grained permissions to allow specific
+users access to MBeans and actions they perform.</comment>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "monitor"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "server", "monitor"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- org.apache.derby.engine -->
+
+ <policy>
+ <name>basicEngine</name>
+ <include>basicCommons</include>
+
+ <jar>
+ <name>derby.jar</name>
+
+ <block>
+ <comment>These permissions are needed for everyday, embedded Derby usage.</comment>
+ <a>java.lang.RuntimePermission "createClassLoader"</a>
+ <a>java.util.PropertyPermission "derby.*", "read"</a>
+ <a>java.util.PropertyPermission "user.dir", "read"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals"</a>
+ <a>java.io.FilePermission "${derby.system.home}","read,write"</a>
+ <a>java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete"</a>
+ <a>java.io.FilePermission "${derby.system.home}${/}derby.properties", "read"</a>
+ <a>java.io.FilePermission "${derby.system.home}${/}derby.log", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>Properties needed to determine if the VM is 32 or 64 bit.</comment>
+ <a>java.util.PropertyPermission "sun.arch.data.model", "read"</a>
+ <a>java.util.PropertyPermission "os.arch", "read"</a>
+ </block>
+
+ <block>
+ <comment>Gives permission for JMX to be used against Derby
+but only if JMX authentication is not being used.
+In that case the application would need to create
+a whole set of fine-grained permissions to allow specific
+users access to MBeans and actions they perform.</comment>
+ <a>org.apache.derby.shared.common.security.SystemPermission "jmx", "control"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "monitor"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "server", "monitor"</a>
+ </block>
+
+ <block>
+ <comment>Permissions needed for JMX based management and monitoring.</comment>
+ <a>javax.management.MBeanServerPermission "createMBeanServer"</a>
+ </block>
+
+ <block>
+ <comment>Allows access to Derby's built-in MBeans, within the domain
+org.apache.derby. Derby must be allowed to register and unregister these
+MBeans. To fine tune this permission, see the javadoc of
+javax.management.MBeanPermission or the JMX Instrumentation and Agent Specification.</comment>
+ <a>javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]", "registerMBean,unregisterMBean"</a>
+ </block>
+
+ <block>
+ <comment>Trusts Derby code to be a source of MBeans and to register these in the MBean server.</comment>
+ <a>javax.management.MBeanTrustPermission "register"</a>
+ </block>
+
+ <block>
+ <comment>Optional permission needed for printing classpath information to derby.log.</comment>
+ <a>java.lang.RuntimePermission "getProtectionDomain"</a>
+ </block>
+
+ <block>
+ <comment>The following permission must be granted for Connection.abort(Executor) to work.
+Note that this permission must also be granted to outer (application) code domains.</comment>
+ <a>java.sql.SQLPermission "callAbort"</a>
+ </block>
+
+ <block>
+ <comment>Needed by FileUtil#limitAccessToOwner.</comment>
+ <a>java.lang.RuntimePermission "accessUserInformation"</a>
+ <a>java.lang.RuntimePermission "getFileStoreAttributes"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- optional engine permissions -->
+
+ <policy>
+ <name>optionalEngine</name>
+
+ <jar>
+ <name>derby.jar</name>
+
+ <block>
+ <comment>Needed to create a temp file in order to open a database in a jar file.
+permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete"</comment>
+ </block>
+
+ <block>
+ <comment>Customize the following permission in order to backup and restore
+Derby databases to/from a secure branch of your file system,
+preferably one owned by the database owner or the user who booted the JVM:
+permission java.io.FilePermission "/Users/me/backups/-", "read,write"</comment>
+ </block>
+
+ <block>
+ <comment>Customize the following permission in order to export and import
+tables to/from a secure branch of your file system,
+preferably one owned by the database owner or the user who booted the JVM:
+permission java.io.FilePermission "/Users/me/imports/-", "read,write"</comment>
+ </block>
+
+ <block>
+ <comment>Customize the following permission in order to load
+jar files which contain user-written types, aggregates, functions, and procedures.
+Those jar files should live in a secure branch of your file system,
+preferably one owned by the database owner or the user who booted the JVM:
+permission java.io.FilePermission "/Users/me/myJars/-", "read"</comment>
+ </block>
+
+ <block>
+ <comment>This permission lets a DBA reload the policy file while the server
+is still running. The policy file is reloaded by invoking
+the SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure:
+permission java.security.SecurityPermission "getPolicy"</comment>
+ </block>
+
+ <block>
+ <comment>This permission is needed to call DriverManager.deregisterDriver()
+and unload the Derby classes:
+permission java.sql.SQLPermission "deregisterDriver"</comment>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- engine template -->
+
+ <policy>
+ <name>engineTemplate</name>
+ <include>basicEngine</include>
+ <include>optionalEngine</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/engineTemplate.policy</file>
+ <properties>securityProduct.properties</properties>
+ </output>
+
+ <jar>
+ <name>derby.jar</name>
+
+ </jar>
+
+ </policy>
+
+ <!-- org.apache.derby.tools -->
+
+ <policy>
+ <name>basicTools</name>
+ <include>basicEngine</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/toolsTemplate.policy</file>
+ <properties>securityProduct.properties</properties>
+ </output>
+
+ <jar>
+ <name>derbytools.jar</name>
+
+ <block>
+ <comment>Access all properties using System.getProperties -
+ij enumerates the properties in order to open connections
+for any property set in ij.connection.* and set protocols
+for any property in ij.protocol.*</comment>
+ <a>java.util.PropertyPermission "*", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>Needed by sysinfo. The file permission is needed to check the existence
+of jars on the classpath. You can limit this permission to just the locations
+which hold your jar files.</comment>
+ <a>java.util.PropertyPermission "user.*", "read"</a>
+ <a>java.util.PropertyPermission "java.home", "read"</a>
+ <a>java.util.PropertyPermission "java.class.path", "read"</a>
+ <a>java.util.PropertyPermission "java.runtime.version", "read"</a>
+ <a>java.util.PropertyPermission "java.fullversion", "read"</a>
+ <a>java.lang.RuntimePermission "getProtectionDomain"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals"</a>
+ <a>java.io.FilePermission "<<ALL FILES>>", "read"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- core server permissions -->
+
+ <policy>
+ <name>coreServer</name>
+ <include>basicTools</include>
+
+ <jar>
+ <name>derbynet.jar</name>
+
+ <block>
+ <comment>Needed by FileUtil#limitAccessToOwner.</comment>
+ <a>java.lang.RuntimePermission "accessUserInformation"</a>
+ <a>java.lang.RuntimePermission "getFileStoreAttributes"</a>
+ <a>java.util.PropertyPermission "derby.__serverStartedFromCmdLine", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>Needed for NetworkServerMBean access.</comment>
+ <a>org.apache.derby.shared.common.security.SystemPermission "server", "control,monitor"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- customizable server permissions -->
+
+ <policy>
+ <name>customizableServer</name>
+
+ <jar>
+ <name>derbynet.jar</name>
+
+ <block>
+ <comment>Accept connections from any host. Derby is listening to the host interface
+specified via the -h command line option to "NetworkServerControl start",
+via the address parameter to the org.apache.derby.drda.NetworkServerControl
+constructor in the API, or via the property derby.drda.host.
+The default is localhost. You may want to restrict allowed hosts,
+e.g. to hosts in a specific subdomain like "*.example.com".</comment>
+ <a>java.net.SocketPermission "*", "accept"</a>
+ </block>
+
+ <block>
+ <comment>Allow the server to listen to the socket on the port specified with the
+-p option to "NetworkServerControl start" on the command line, or with
+the portNumber parameter to the NetworkServerControl constructor in the
+API, or with the property derby.drda.portNumber. The default is 1527.</comment>
+ <a>java.net.SocketPermission "localhost:${derby.security.port}", "listen"</a>
+ </block>
+
+ <block>
+ <comment>Needed for server tracing.</comment>
+ <a>java.io.FilePermission "${derby.drda.traceDirectory}${/}-", "read,write,delete"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!-- org.apache.derby.server -->
+
+ <policy>
+ <name>basicServer</name>
+ <include>coreServer</include>
+ <include>customizableServer</include>
+ <output>
+ <file>classes/drda/org/apache/derby/drda/server.policy</file>
+ <properties>securityProduct.properties</properties>
+ </output>
+
+ </policy>
+
+ <!-- org.apache.derby.client -->
+
+ <policy>
+ <name>basicClient</name>
+ <include>basicCommons</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/clientTemplate.policy</file>
+ <properties>securityProduct.properties</properties>
+ </output>
+
+ <jar>
+ <name>derbyclient.jar</name>
+
+ <block>
+ <comment>Modify this to be the server host instead of localhost.</comment>
+ <a>java.net.SocketPermission "localhost", "connect,resolve"</a>
+ </block>
+
+ <block>
+ <comment>DERBY-2302: derbyclient.jar needs to be able to read the user.dir property in order to
+do tracing in that directory. Also, it needs read/write permissions in user.dir in order
+to create the trace files in that directory.</comment>
+ <a>java.util.PropertyPermission "user.dir", "read"</a>
+ <a>java.io.FilePermission "${user.dir}${/}-", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>DERBY-1883: Since some classes that are included in both derby.jar and
+derbyclient.jar read properties, derbyclient.jar needs permission to read
+derby.* properties to avoid failures when it is listed before derby.jar in
+the classpath.</comment>
+ <a>java.util.PropertyPermission "derby.*", "read"</a>
+ </block>
+
+ <block>
+ <comment>The following permission must be granted for Connection.abort(Executor) to work.
+Note that this permission must also be granted to outer (application) code domains.</comment>
+ <a>java.sql.SQLPermission "callAbort"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!--
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ !!
+ !! Test policies.
+ !!
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ -->
+
+ <!-- Basic tests -->
+
+ <policy>
+ <name>basicTests</name>
+ <include>basicServer</include>
+ <include>basicClient</include>
+ <output>
+ <file>classes/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy</file>
+ <properties>securityTests.properties</properties>
+ </output>
+
+ <jar>
+ <name>derbyshared.jar</name>
+
+ <block>
+ <comment>These permissions are needed by AssertFailure to dump the thread stack
+traces upon failure.</comment>
+ <a>java.lang.RuntimePermission "getStackTrace"</a>
+ <a>java.lang.RuntimePermission "modifyThreadGroup"</a>
+ </block>
+
+ <block>
+ <comment>DERBY-2302: derbyclient.jar needs to be able to read the user.dir property in order to
+do tracing in that directory. Also, it needs read/write permissions in user.dir in order
+to create the trace files in that directory.</comment>
+ <a>java.util.PropertyPermission "user.dir", "read"</a>
+ <a>java.io.FilePermission "${user.dir}${/}-", "read,write"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derby.jar</name>
+
+ <block>
+ <comment>Needed to create a temp file in order to open a database in a jar file.</comment>
+ <a>java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <a>java.util.PropertyPermission "derby.storage.jvmInstanceId", "write"</a>
+ </block>
+
+ <block>
+ <comment>unit tests (e.g. store/T_RecoverFullLog) set this property
+(called from derbyTesting.jar through code in derby.jar)</comment>
+ <a>java.util.PropertyPermission "derbyTesting.unittest.*", "write"</a>
+ </block>
+
+ <block>
+ <comment>permissions so that we can set the context class loader to null
+for daemon threads to avoid class loader leak. DERBY-3745</comment>
+ <a>java.lang.RuntimePermission "getClassLoader"</a>
+ <a>java.lang.RuntimePermission "setContextClassLoader"</a>
+ </block>
+
+ <block>
+ <comment>For reloading the policy file.</comment>
+ <a>java.security.SecurityPermission "getPolicy"</a>
+ </block>
+
+ <block>
+ <comment>[DERBY-2000] The write permission was added to allow creation of
+the derby.system.home directory when running tests under a security manager.</comment>
+ <a>java.io.FilePermission "${derby.system.home}", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>Import/export and other support files from these locations in tests</comment>
+ <a>java.io.FilePermission "${user.dir}${/}extin${/}-", "read"</a>
+ <a>java.io.FilePermission "${user.dir}${/}extinout${/}-", "read,write,delete"</a>
+ <a>java.io.FilePermission "${user.dir}${/}extout${/}-", "read,write"</a>
+ <a>java.io.FilePermission "${user.dir}${/}extinout", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>needed to create a temp file in order to open a database in a jar file</comment>
+ <a>java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>This permission is needed to call DriverManager.deregisterDriver().</comment>
+ <a>java.sql.SQLPermission "deregisterDriver"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbynet.jar</name>
+
+ <block>
+ <comment>Tighten up the connection permissions.</comment>
+ <d>java.net.SocketPermission "*", "accept"</d>
+ <a>java.net.SocketPermission "127.0.0.1", "accept,connect"</a>
+ <a>java.net.SocketPermission "localhost", "accept,connect,listen"</a>
+ <a>java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect"</a>
+ <a>java.net.SocketPermission "${derbyTesting.serverhost}", "accept,connect"</a>
+ </block>
+
+ <block>
+ <comment>Need to be able to write to trace file for NetworkServerControlApiTest</comment>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}trace", "read,write"</a>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}trace${/}-", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>Need read/write to trace file for RestrictiveFilePermissionsTest</comment>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_restr", "read,write"</a>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_lax", "read,write"</a>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_restr${/}-", "read,write"</a>
+ <a>java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_lax${/}-", "read,write"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbyclient.jar</name>
+
+ <block>
+ <comment>Tighten up the connection permissions.</comment>
+ <a>java.net.SocketPermission "127.0.0.1", "connect,resolve"</a>
+ <a>java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbytools.jar</name>
+
+ <block>
+ <comment>Read all files under ${user.dir}</comment>
+ <d>java.io.FilePermission "<<ALL FILES>>", "read"</d>
+ <a>java.io.FilePermission "${user.dir}${/}-", "read"</a>
+ </block>
+
+ <block>
+ <comment>IjTestCases read, write, and delete ij's output in the extinout dir</comment>
+ <a>java.io.FilePermission "${user.dir}${/}extinout${/}-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>ij needs permission to read the sql files in this jar</comment>
+ <a>java.io.FilePermission "${derbyTesting.testjarpath}", "read"</a>
+ </block>
+
+ <block>
+ <comment>These permissions are needed by AssertFailure to dump the thread stack
+traces upon failure.</comment>
+ <a>java.lang.RuntimePermission "getStackTrace"</a>
+ <a>java.lang.RuntimePermission "modifyThreadGroup"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbyoptionaltools.jar</name>
+
+ <block>
+ <comment>Needed by SimpleJsonTest</comment>
+ <a>java.io.FilePermission "${user.dir}${/}extin${/}-", "read"</a>
+ </block>
+
+ </jar>
+
+ <!--
+ Permissions for the tests (derbyTesting.jar)
+ We are liberal here, it's not a goal to make the test harness
+ or tests secure.Production policies.
+ -->
+ <jar>
+ <name>derbyTesting.jar</name>
+
+ <block>
+ <comment>Access all properties using System.getProperties</comment>
+ <a>java.util.PropertyPermission "*", "read,write"</a>
+ </block>
+
+ <block>
+ <comment>Need by various tests which call the ContextService</comment>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals"</a>
+ </block>
+
+ <block>
+ <comment>Access all files under ${user.dir}to write the test directory structure</comment>
+ <a>java.io.FilePermission "${user.dir}${/}-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>Tests need to be able to exec a java program. DERBY-6295: Also give them
+read permission so that detailed error message is shown.</comment>
+ <a>java.io.FilePermission "${java.home}${/}-", "execute, read"</a>
+ </block>
+
+ <block>
+ <comment>When running with useprocess=false need to install and uninstall
+the security manager and allow setIO to change the system err and out
+streams. Currently the nist suite runs with useprocess=false.</comment>
+ <a>java.lang.RuntimePermission "setSecurityManager"</a>
+ <a>java.security.SecurityPermission "getPolicy"</a>
+ <a>java.lang.RuntimePermission "setIO"</a>
+ </block>
+
+ <block>
+ <comment>Needed by ClasspathSetup to change the classloader</comment>
+ <a>java.lang.RuntimePermission "createClassLoader"</a>
+ <a>java.lang.RuntimePermission "setContextClassLoader"</a>
+ </block>
+
+ <block>
+ <comment>These permissions are needed to dump the thread stack traces upon failure.</comment>
+ <a>java.lang.RuntimePermission "getStackTrace"</a>
+ <a>java.lang.RuntimePermission "modifyThreadGroup"</a>
+ </block>
+
+ <block>
+ <comment>Allow MBeanTest to register the application management MBean.</comment>
+ <a>javax.management.MBeanServerPermission "createMBeanServer"</a>
+ <a>javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]", "registerMBean,unregisterMBean"</a>
+ <a>javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate"</a>
+ <a>javax.management.MBeanTrustPermission "register"</a>
+ </block>
+
+ <block>
+ <comment>And to find and use Derby's MBeans</comment>
+ <a>javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,setAttribute,invoke"</a>
+ <a>javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo"</a>
+ <a>javax.management.MBeanPermission "-#-[-]", "queryNames"</a>
+ <a>javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames"</a>
+ </block>
+
+ <block>
+ <comment>Test code needs this as well for the platform MBeanServer
+tests where the testing code is in the stack frame.</comment>
+ <a>org.apache.derby.shared.common.security.SystemPermission "jmx", "control"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "engine", "monitor"</a>
+ <a>org.apache.derby.shared.common.security.SystemPermission "server", "control,monitor"</a>
+ </block>
+
+ <block>
+ <comment>This permission is needed to call the Connection.abort(Executor) method added by JDBC 4.1</comment>
+ <a>java.sql.SQLPermission "callAbort"</a>
+ </block>
+
+ <block>
+ <comment>Needed by FileUtil#limitAccessToOwner</comment>
+ <a>java.lang.RuntimePermission "accessUserInformation"</a>
+ <a>java.lang.RuntimePermission "getFileStoreAttributes"</a>
+ </block>
+
+ <block>
+ <comment>Needed by NetworkServerTestSetup when probing ports.</comment>
+ <a>java.net.SocketPermission "localhost", "listen"</a>
+ </block>
+
+ <block>
+ <comment>Needed by ClasspathSetup for freeing resources.</comment>
+ <a>java.lang.RuntimePermission "closeClassLoader"</a>
+ </block>
+
+ <block>
+ <comment>Needed by AutoloadTest to get at spawned process pid (Unixen) and call jstack:</comment>
+ <a>java.lang.RuntimePermission "accessDeclaredMembers"</a>
+ <a>java.lang.reflect.ReflectPermission "suppressAccessChecks"</a>
+ </block>
+
+ <block>
+ <comment>Presumes we have a JDK: First "..": back up past "jre"</comment>
+ <a>java.io.FilePermission "${java.home}${/}..${/}bin${/}-", "execute, read"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>junit.jar</name>
+
+ <block>
+ <comment>JUnit jar file tries to read junit.properties in the user's
+home directory and seems to require permission to read the
+property user.home as well.
+junit.swingui.TestRunner writes to .junitsession on exit.</comment>
+ <a>java.util.PropertyPermission "user.home", "read"</a>
+ <a>java.io.FilePermission "${user.home}${/}junit.properties", "read"</a>
+ <a>java.io.FilePermission "${user.home}${/}.junitsession", "write"</a>
+ </block>
+
+ <block>
+ <comment>This permission is needed when running the tests using ant 1.7</comment>
+ <a>java.io.FilePermission "${user.dir}${/}*", "write"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>ant-junit.jar</name>
+
+ <block>
+ <comment>Ant's junit runner requires setOut to redirect the System output streams
+to the forked JVM used when running junit tests inside Ant. Ant requires
+forking the JVM if you want to run tests in a different directory than the
+current one.</comment>
+ <a>java.lang.RuntimePermission "setIO"</a>
+ </block>
+
+ <block>
+ <comment>This permission is needed when running the tests using ant 1.7</comment>
+ <a>java.io.FilePermission "${user.dir}${/}*", "write"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>ant.jar</name>
+
+ <block>
+ <comment>Starting with Ant 1.9.3, write permission has to be granted to ant.jar
+as well so that Ant's JUnit runner can write test results to a file.
+Only needed when running the tests under Ant. See DERBY-6685.</comment>
+ <a>java.io.FilePermission "${user.dir}${/}*", "write"</a>
+ </block>
+
+ </jar>
+
+ <!--
+ Grants to all code bases
+ -->
+ <jar>
+ <name></name>
+
+ <block>
+ <comment>functionTests.tests.lang.RoutineSecurityTest requires this grant
+to check to see if permissions are granted through generated code
+through this mechanism.</comment>
+ <a>java.util.PropertyPermission "derbyRoutineSecurityTest.yes", "read"</a>
+ </block>
+
+ <block>
+ <comment>These permissions are needed when testing code instrumented with EMMA.
+They will only be used if the emma.active system property property is
+set, which should be set to "" for the permissions to be correct. Must
+be granted to all code bases because EMMA doesn't use doPrivileged
+blocks around the code that needs the permissions.</comment>
+ <a>java.util.PropertyPermission "${emma.active}user.dir", "read"</a>
+ <a>java.io.FilePermission "${emma.active}${user.dir}${/}coverage.ec", "read,write"</a>
+ <a>java.lang.RuntimePermission "${emma.active}writeFileDescriptor"</a>
+ </block>
+
+ <block>
+ <comment>Grant the required permissions for JaCoCo (code coverage tool).</comment>
+ <a>java.io.FilePermission "${jacoco.active}${user.dir}${/}*", "read,write"</a>
+ <a>java.io.FilePermission "${jacoco.active}${user.dir}${/}..${/}jacoco.exec", "read,write"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>jaxp.jar</name>
+
+ <block>
+ <comment>When inserting XML values that use external DTD's, the JAXP parser
+needs permission to read the DTD files. We assume that all DTD
+files will be copied to extin/ by whichever tests need them. So
+grant the JAXP parser permissions to read that directory.</comment>
+ <a>java.io.FilePermission "${user.dir}${/}extin${/}-", "read"</a>
+ </block>
+
+ </jar>
+
+ <!--
+ Permissions for package-private tests run from 'classes.pptesting'
+ -->
+ <jar>
+ <name>ppcodeclasses</name>
+
+ <block>
+ <comment>Needed for ProtocolTest - allows connection to a server</comment>
+ <a>java.net.SocketPermission "127.0.0.1", "connect,resolve"</a>
+ <a>java.net.SocketPermission "localhost", "connect,resolve"</a>
+ <a>java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve"</a>
+ </block>
+
+ <block>
+ <comment>Allows reading support files in 'extin'</comment>
+ <a>java.io.FilePermission "${user.dir}${/}extin${/}-", "read"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+ <!--
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ !!
+ !! DITA Documentation in the Derby Security Guide
+ !!
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ -->
+
+ <policy>
+ <name>basicEngineDoc</name>
+ <include>engineTemplate</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/rsecbasicengine.dita</file>
+ <properties>securityProduct.properties</properties>
+ <doc>
+ <title>Basic engine security policy template</title>
+ <shortDesc>Customize this policy if your application embeds the Derby engine, running Derby and application code in a single JVM process.</shortDesc>
+ <majorIndexTerm>Embedded Engine</majorIndexTerm>
+ <minorIndexTerm>basic policy</minorIndexTerm>
+ <longDesc>The embedded engine policy grants essential permissions to the engine and shared modules.</longDesc>
+ </doc>
+ </output>
+ </policy>
+
+ <policy>
+ <name>basicServerDoc</name>
+ <include>basicServer</include>
+ <include>optionalEngine</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/rsecbasicserver.dita</file>
+ <properties>securityProduct.properties</properties>
+ <doc>
+ <title>Basic server security policy template</title>
+ <shortDesc>Customize this policy if you run a Derby server, either standalone or embedded inside your application.</shortDesc>
+ <majorIndexTerm>Network Server</majorIndexTerm>
+ <minorIndexTerm>basic policy</minorIndexTerm>
+ <longDesc>This policy grants essential permissions to the server, tools, engine, and shared modules.</longDesc>
+ </doc>
+ </output>
+ </policy>
+
+ <policy>
+ <name>basicClientDoc</name>
+ <include>basicClient</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/rsecbasicclient.dita</file>
+ <properties>securityProduct.properties</properties>
+ <doc>
+ <title>Basic client security policy template</title>
+ <shortDesc>Customize this policy if you run a client-side application, which connects to a Derby server across a network.</shortDesc>
+ <majorIndexTerm>Network Server</majorIndexTerm>
+ <minorIndexTerm>basic policy</minorIndexTerm>
+ <longDesc>This policy grants essential permissions to the client and shared modules.</longDesc>
+ </doc>
+ </output>
+ </policy>
+
+ <policy>
+ <name>basicToolsDoc</name>
+ <include>basicTools</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/rsecbasictools.dita</file>
+ <properties>securityProduct.properties</properties>
+ <doc>
+ <title>Basic tools security policy template</title>
+ <shortDesc>Customize this policy if you run Derby tools against an embedded Derby engine.</shortDesc>
+ <majorIndexTerm>Network Server</majorIndexTerm>
+ <minorIndexTerm>basic policy</minorIndexTerm>
+ <longDesc>This policy grants essential permissions to the tools, engine, and shared modules.</longDesc>
+ </doc>
+ </output>
+ </policy>
+
+ <policy>
+ <name>customizedExampleDoc</name>
+ <include>coreServer</include>
+ <output>
+ <file>generated/java/org.apache.derby.engine/org/apache/derby/security/rsecpolicysample.dita</file>
+ <properties>securityDocExample.properties</properties>
+ <doc>
+ <title>Sample customized Java security policy file</title>
+ <shortDesc>Here is a sample customized Java security policy file.</shortDesc>
+ <majorIndexTerm>Network Server</majorIndexTerm>
+ <minorIndexTerm>basic policy</minorIndexTerm>
+ <longDesc>This example configures a server's permissions to allow network access and to allow backup/restore, import/export, and the loading of user-written code:</longDesc>
+ </doc>
+ </output>
+
+ <jar>
+ <name>derby.jar</name>
+
+ <block>
+ <comment>Support backup/restore to/from a secure branch of the file system
+owned by the user who booted the JVM:</comment>
+ <a>java.io.FilePermission "/Users/me/derby/dummy/backups/-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>Support export/import of tables to/from a secure branch of the file system
+owned by the user who booted the JVM:</comment>
+ <a>java.io.FilePermission "/Users/me/derby/dummy/imports/-", "read,write,delete"</a>
+ </block>
+
+ <block>
+ <comment>Support loading of jar files which contain user-written types,
+aggregates, functions, and procedures when those jar files live
+in a secure branch of the file system owned by the the user who booted the JVM:</comment>
+ <a>java.io.FilePermission /Users/me/derby/dummy/jars/-", "read"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbynet.jar</name>
+
+ <block>
+ <comment>Accept connections from any host. Derby is listening to the host interface
+specified via the -h command line option to "NetworkServerControl start",
+via the address parameter to the org.apache.derby.drda.NetworkServerControl
+constructor in the API, or via the property derby.drda.host.
+The default is localhost. You may want to restrict allowed hosts,
+e.g. to hosts in a specific subdomain like "*.example.com".</comment>
+ <a>java.net.SocketPermission "localhost:0-", "accept"</a>
+ </block>
+
+ <block>
+ <comment>Allow the server to listen to the socket on the port specified with the
+-p option to "NetworkServerControl start" on the command line, or with
+the portNumber parameter to the NetworkServerControl constructor in the
+API, or with the property derby.drda.portNumber. The default is 1527.</comment>
+ <a>java.net.SocketPermission "localhost:1527", "listen"</a>
+ </block>
+
+ <block>
+ <comment>Support the writing of traces into a branch of the file system
+owned by the user who booted the JVM:</comment>
+ <a>java.io.FilePermission "Users/me/derby/dummy/traces${/}-", "read,write,delete"</a>
+ </block>
+
+ </jar>
+
+ <jar>
+ <name>derbytools.jar</name>
+
+ <block>
+ <d>java.io.FilePermission "<<ALL FILES>>", "read"</d>
+ <a>java.io.FilePermission "/Users/me/javadb/lib/-", "read"</a>
+ </block>
+
+ </jar>
+
+ </policy>
+
+</policies>
+
Propchange: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties (added)
+++ db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties Sun Nov 4 14:44:41 2018
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# These properties define the location of the Derby jar files
+# accessed by production applications. These values are substituted
+# into the grant targets in securityPolicies.xml.
+#
+
+# product jars
+
+derbyshared.jar=${derby.install.url}derbyshared.jar
+derby.jar=${derby.install.url}derby.jar
+derbytools.jar=${derby.install.url}derbytools.jar
+derbynet.jar=${derby.install.url}derbynet.jar
+derbyclient.jar=${derby.install.url}derbyclient.jar
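Review bot: This file defines no `derbyoptionaltools.jar` key, although securityTests.properties in the same commit does, and the `basicServerDoc` policy in securityPolicies.xml combines `<include>optionalEngine</include>` with `securityProduct.properties`. The definition of `optionalEngine` is outside the visible part of the diff, and so is the generator's handling of a missing key, so this is worth confirming. If `optionalEngine` grants anything to that jar, the generated server template may end up with a code base that was never substituted. If so, add `derbyoptionaltools.jar=${derby.install.url}derbyoptionaltools.jar`. The header comment could also say that `derby.install.url` is expected to end with a path separator, because the jar names are appended to it directly.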
Propchange: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityProduct.properties
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties?rev=1845742&view=auto
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties (added)
+++ db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties Sun Nov 4 14:44:41 2018
@@ -0,0 +1,43 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# These properties define the location of the Derby jar files
+# accessed by the Derby tests. These values are substituted
+# into the grant targets in securityPolicies.xml.
+#
+
+# product jars
+
+derbyshared.jar=${derbyTesting.shared}
+derby.jar=${derbyTesting.engine}
+derbytools.jar=${derbyTesting.tools}
+derbynet.jar=${derbyTesting.netserver}
+derbyclient.jar=${derbyTesting.client}
+derbyoptionaltools.jar=${derbyTesting.optionaltools}
+
+# Derby code base when the test run with classes rather than jars
+ppcodeclasses=${derbyTesting.ppcodeclasses}
+
+# Test jars
+
+derbyTesting.jar=${derbyTesting.testing}
+
+# 3rd party jars
+
+junit.jar=${derbyTesting.junit}
+ant-junit.jar=${derbyTesting.antjunit}
+ant.jar=${derbyTesting.ant}
+jaxp.jar=${derbyTesting.jaxpjar}
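Review bot: The comment above `ppcodeclasses` ("Derby code base when the test run with classes rather than jars") is ungrammatical and does not say which code the key stands for. In securityPolicies.xml the `ppcodeclasses` entry is described as permissions for package-private tests run from 'classes.pptesting'. I would reword it as `# Code base of the package-private tests (classes.pptesting), used when the tests run from classes rather than jars`. Every value in this file is a `${derbyTesting.*}` property, so the header comment should also name who is expected to set them. What the generated policy does when one is unset is not visible in this diff.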
Propchange: db/derby/code/trunk/java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties
------------------------------------------------------------------------------
svn:eol-style = native
Modified: db/derby/code/trunk/java/org.apache.derby.server/build.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/org.apache.derby.server/build.xml?rev=1845742&r1=1845741&r2=1845742&view=diff
==============================================================================
--- db/derby/code/trunk/java/org.apache.derby.server/build.xml (original)
+++ db/derby/code/trunk/java/org.apache.derby.server/build.xml Sun Nov 4 14:44:41 2018
@@ -73,11 +73,6 @@
</modulepath>
</javac>
- <copy
- todir="${out.drda.dir}/${derby.dir}/drda/"
- file="${derby.drda.dir}/drda/server.policy"
- />
-
<copy todir="${drdaloc.dir}" flatten="true">
<fileset dir="${derby.drda.locales.dir}">
<include name="messages*.properties"/>