You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by rh...@apache.org on 2022/05/04 14:48:28 UTC
svn commit: r1900554 - in /db/derby/docs/trunk/src: adminguide/ ref/ security/
Author: rhillegas
Date: Wed May 4 14:48:28 2022
New Revision: 1900554
URL: http://svn.apache.org/viewvc?rev=1900554&view=rev
Log:
DERBY-7138: Remove more SecurityManager references from the user docs; commit derby-7138-14-aa-removeMoreDocReferences.diff.
Modified:
db/derby/docs/trunk/src/adminguide/radminconfigdb2jdrdatracedirectory.dita
db/derby/docs/trunk/src/adminguide/radminjmxdisable.dita
db/derby/docs/trunk/src/adminguide/radminjmxenablepwd.dita
db/derby/docs/trunk/src/adminguide/radminjmxtroubleshoot.dita
db/derby/docs/trunk/src/adminguide/tadminadv804410.dita
db/derby/docs/trunk/src/ref/rrefjdbc4_1connection.dita
db/derby/docs/trunk/src/ref/rrefproperextdiagsevlevel.dita
db/derby/docs/trunk/src/security/cseccsecure41285.dita
db/derby/docs/trunk/src/security/cseccsecure90988.dita
db/derby/docs/trunk/src/security/cseccsecuree.dita
db/derby/docs/trunk/src/security/csecintroderbydefenses.dita
db/derby/docs/trunk/src/security/csecintromapping.dita
db/derby/docs/trunk/src/security/csecintrootherdefenses.dita
db/derby/docs/trunk/src/security/csecintrosafer.dita
db/derby/docs/trunk/src/security/csecputtogether.dita
db/derby/docs/trunk/src/security/tseccsecure81850.dita
db/derby/docs/trunk/src/security/tseccsecure82556.dita
Modified: db/derby/docs/trunk/src/adminguide/radminconfigdb2jdrdatracedirectory.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminconfigdb2jdrdatracedirectory.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminconfigdb2jdrdatracedirectory.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminconfigdb2jdrdatracedirectory.dita Wed May 4 14:48:28 2022
@@ -27,16 +27,7 @@ limitations under the License.
<refbody>
<section><title>Security Considerations</title>
<p>The Network Server will attempt to create the trace directory (and any parent
-directories) if they do not exist. This will require that the Java security
-policy for <codeph>derbynet.jar</codeph> permits verification of the existence
-of the named trace directory and all necessary parent directories. For each
-directory created, the policy must allow</p>
-<codeblock>permission java.io.FilePermission "<i>directory</i>", "read,write";</codeblock>
-<p>and for the trace directory itself, the policy must allow</p>
-<codeblock>permission java.io.FilePermission "<i>tracedirectory</i>${/}-", "write";</codeblock>
-<p>See "Configuring Java security" in the
-<ph conref="../conrefs.dita#pub/citsec"></ph> for information about customizing
-the Network Server's security policy.</p>
+directories) if they do not exist.</p>
</section>
<refsyn><title>Syntax</title>
<codeblock>derby.drda.traceDirectory=<i>traceFileDirectory</i></codeblock>
Modified: db/derby/docs/trunk/src/adminguide/radminjmxdisable.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminjmxdisable.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminjmxdisable.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminjmxdisable.dita Wed May 4 14:48:28 2022
@@ -20,8 +20,7 @@ limitations under the License.
<reference id="radminjmxdisable" xml:lang="en-us">
<title>Disabling access to MBeans</title>
<shortdesc>You may wish to disable or restrict access to MBeans in
-security-conscious environments. You can do this using either of the following
-techniques.</shortdesc>
+security-conscious environments.</shortdesc>
<prolog><metadata>
<keywords><indexterm>Java Management Extensions (JMX) technology</indexterm>
<indexterm>JMX<indexterm>disabling access</indexterm></indexterm>
@@ -29,33 +28,11 @@ techniques.</shortdesc>
</metadata></prolog>
<refbody>
<section>
-<p>The first technique is to use the <codeph>stopManagement()</codeph> method of
+<p>Use the <codeph>stopManagement()</codeph> method of
<codeph>ManagementMBean</codeph>. This method unregisters all of the
<ph conref="../conrefs.dita#prod/productshortname"></ph> MBeans except
<codeph>ManagementMBean</codeph> itself, so it does not turn access off
completely.</p>
-<p>The second technique is to run the Network Server with a custom security
-policy that does not grant <codeph>derby.jar</codeph> the permissions needed to
-register MBeans. For example, you can modify the Network Server's basic policy
-by commenting out this section:</p>
-<codeblock>// Allows access to <ph conref="../conrefs.dita#prod/productshortname"></ph>'s built-in MBeans, within the domain
-// org.apache.derby.
-// <ph conref="../conrefs.dita#prod/productshortname"></ph> must be allowed to register and unregister these MBeans.
-// It is possible to allow access only to specific MBeans, attributes or
-// operations. To fine tune this permission, see the javadoc of
-// javax.management.MBeanPermission or the JMX Instrumentation and Agent
-// Specification.
-//
-permission javax.management.MBeanPermission
- "org.apache.derby.*#[org.apache.derby:*]",
- "registerMBean,unregisterMBean";</codeblock>
-<p>If the permission to register MBeans is not granted to
-<codeph>derby.jar</codeph>,
-<ph conref="../conrefs.dita#prod/productshortname"></ph> will silently skip
-starting the management service at boot time.</p>
-<p>See "Configuring Java security" in the
-<ph conref="../conrefs.dita#pub/citsec"></ph> for information about customizing
-the Network Server's security policy.</p>
</section>
</refbody>
</reference>
Modified: db/derby/docs/trunk/src/adminguide/radminjmxenablepwd.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminjmxenablepwd.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminjmxenablepwd.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminjmxenablepwd.dita Wed May 4 14:48:28 2022
@@ -32,11 +32,6 @@ authentication.</shortdesc>
authentication is enabled by default, and it is possible to specify a properties
file that contains usernames and passwords. The properties file syntax is the
same as for other Java properties files.</p>
-<p><note>When authentication is enabled and a Java Security Manager is
-installed, additional permissions may need to be granted to users in the
-security policy used. See
-<xref href="radminjmxenablepolicy.dita#radminjmxenablepolicy"></xref> for
-details.</note></p>
<p>For example, you could create a password file called
<codeph>jmxremote.password</codeph>:</p>
<codeblock>## Defining two "roles", each with its own password
Modified: db/derby/docs/trunk/src/adminguide/radminjmxtroubleshoot.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminjmxtroubleshoot.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminjmxtroubleshoot.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminjmxtroubleshoot.dita Wed May 4 14:48:28 2022
@@ -23,7 +23,7 @@ limitations under the License.
using JMX, it may be helpful to obtain some tracing information.</shortdesc>
<prolog><metadata>
<keywords><indexterm>Java Management Extensions (JMX) technology</indexterm>
-<indexterm>JMX<indexterm>using a security policy</indexterm></indexterm>
+<indexterm>JMX</indexterm>
</keywords>
</metadata></prolog>
<refbody>
Modified: db/derby/docs/trunk/src/adminguide/tadminadv804410.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminadv804410.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadminadv804410.dita (original)
+++ db/derby/docs/trunk/src/adminguide/tadminadv804410.dita Wed May 4 14:48:28 2022
@@ -51,16 +51,7 @@ The names of the tracing files are deter
trace directory, the tracing files will be placed in
<codeph>derby.system.home</codeph>.</p>
<p>The Network Server will attempt to create the trace directory (and any parent
-directories) if they do not exist. This will require that the Java security
-policy for <codeph>derbynet.jar</codeph> permits verification of the existence
-of the named trace directory and all necessary parent directories. For each
-directory created, the policy must allow</p>
-<codeblock>permission java.io.FilePermission "<i>directory</i>", "read,write";</codeblock>
-<p>For the trace directory itself, the policy must allow</p>
-<codeblock>permission java.io.FilePermission "<i>tracedirectory</i>${/}-", "write";</codeblock>
-<p>See "Configuring Java security" in the
-<ph conref="../conrefs.dita#pub/citsec"></ph> for information about customizing
-the Network Server's security policy.</p>
+directories) if they do not exist.</p>
</stepxmp>
</step>
</steps>
Modified: db/derby/docs/trunk/src/ref/rrefjdbc4_1connection.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefjdbc4_1connection.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefjdbc4_1connection.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefjdbc4_1connection.dita Wed May 4 14:48:28 2022
@@ -32,16 +32,7 @@ limitations under the License.
<p>
The <i>abort(Executor)</i> method aborts
a running connection. Outstanding transactional work is rolled back, and the
-physical connection to the database is destroyed. When running under a Java
-<i>SecurityManager</i>, this method can be called only if
-<i>SQLPermission("callAbort")</i> has been granted both to the
-<ph conref="../conrefs.dita#prod/productshortname"></ph> JDBC driver (in
-<i>derby.jar</i> and <i>derbyclient.jar</i>) and to the
-application code that calls <i>Connection.abort()</i>. For security reasons,
-permission to execute this method should not be granted lightly. Do not grant
-this permission to application code unless you are certain that only superusers
-can invoke the code. For more information, see "Configuring Java security" in
-the <ph conref="../conrefs.dita#pub/citsec"></ph>.
+physical connection to the database is destroyed.
</p>
</section>
</refbody>
Modified: db/derby/docs/trunk/src/ref/rrefproperextdiagsevlevel.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefproperextdiagsevlevel.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefproperextdiagsevlevel.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefproperextdiagsevlevel.dita Wed May 4 14:48:28 2022
@@ -34,10 +34,6 @@ error.</shortdesc>
diagnostic information will appear in the <i>derby.log</i> file. In addition,
with IBM Java Virtual Machines (JVMs), a javacore file with additional
information is created.</p>
-<p>To allow the information to be dumped to the log, you must grant two
-permissions to <ph conref="../conrefs.dita#prod/productshortname"></ph> in your
-security policy file. See "Configuring Java security" in the
-<ph conref="../conrefs.dita#pub/citsec"></ph>.</p>
<p>Any error raised in a
<ph conref="../conrefs.dita#prod/productshortname"></ph> system is given a level
of severity. This property indicates the minimum severity necessary for an error
Modified: db/derby/docs/trunk/src/security/cseccsecure41285.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/cseccsecure41285.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/cseccsecure41285.dita (original)
+++ db/derby/docs/trunk/src/security/cseccsecure41285.dita Wed May 4 14:48:28 2022
@@ -42,10 +42,6 @@ scope="external"/>, and the LDAP section
scope="external"/>.
</p>
<p>To use an LDAP directory service, set
-<codeph>derby.authentication.provider</codeph> to <codeph>LDAP</codeph> and
-specify appropriate permissions in your security policy file (see
-<xref href="csecjavasecurity.dita"/>.</p>
-<p>This section describes how to authenticate users with the OpenDS LDAP
-server.</p>
+<codeph>derby.authentication.provider</codeph> to <codeph>LDAP</codeph>.</p>
</conbody>
</concept>
Modified: db/derby/docs/trunk/src/security/cseccsecure90988.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/cseccsecure90988.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/cseccsecure90988.dita (original)
+++ db/derby/docs/trunk/src/security/cseccsecure90988.dita Wed May 4 14:48:28 2022
@@ -35,10 +35,7 @@ will verify the validity of the signatur
only validates the integrity of the signed jar file and verifies that the
certificate has not expired.
<ph conref="../conrefs.dita#prod/productshortname"></ph> cannot ascertain
-whether the validity or identity of declared signer is correct. To validate
-identity, use a Security Manager (that is, an implementation of
-<codeph>java.lang.SecurityManager</codeph>). For details, see
-<xref href="csecjavasecurity.dita"/>.</note>
+whether the validity or identity of declared signer is correct.</note>
<p>When loading classes from an application jar file in a Java SE environment,
<ph conref="../conrefs.dita#prod/productshortname"></ph> behaves as follows if
the class is signed:</p>
Modified: db/derby/docs/trunk/src/security/cseccsecuree.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/cseccsecuree.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/cseccsecuree.dita (original)
+++ db/derby/docs/trunk/src/security/cseccsecuree.dita Wed May 4 14:48:28 2022
@@ -72,9 +72,6 @@ Authorization grants users or roles perm
to a database.</p>
<p>For more information about authorization, see
<xref href="csecauthorization.dita#csecauthorization"></xref>.</p></li>
-<li>Customize the default security policy.
-<p>For details, see
-<xref href="csecjavasecurity.dita#csecjavasecurity"></xref>.</p></li>
<li>If necessary, restrict database file access to the operating system account
that started the JVM.
<p>For details, see <xref href="csecnetservfileperms.dita"/>.</p></li>
Modified: db/derby/docs/trunk/src/security/csecintroderbydefenses.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintroderbydefenses.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecintroderbydefenses.dita (original)
+++ db/derby/docs/trunk/src/security/csecintroderbydefenses.dita Wed May 4 14:48:28 2022
@@ -39,15 +39,6 @@ numerous defenses against security threa
</thead>
<tbody>
<row>
-<entry colname="1">Java security</entry>
-<entry colname="2">System Administrator</entry>
-<entry colname="3">Using a Java <codeph>SecurityManager</codeph> and policy
-file, the System Administrator can restrict the permissions granted to
-user-written code. The System Administrator can also restrict the permissions
-granted to <ph conref="../conrefs.dita#prod/productshortname"></ph>
-itself.</entry>
-</row>
-<row>
<entry colname="1">SSL/TLS</entry>
<entry colname="2">System Administrator</entry>
<entry colname="3">The System Administrator can require that SSL/TLS be used to
Modified: db/derby/docs/trunk/src/security/csecintromapping.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintromapping.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecintromapping.dita (original)
+++ db/derby/docs/trunk/src/security/csecintromapping.dita Wed May 4 14:48:28 2022
@@ -42,14 +42,6 @@ sure that you are still shielded from th
</thead>
<tbody>
<row>
-<entry colname="1">Java security</entry>
-<entry colname="2">Theft, corruption, denial of service</entry>
-<entry colname="3">Insiders and outsiders</entry>
-<entry colname="4">Malware, physical access</entry>
-<entry colname="5">Network JDBC, unbounded growth, CPU hogging, launch
-privileges, user code, open source</entry>
-</row>
-<row>
<entry colname="1">SSL/TLS</entry>
<entry colname="2">Theft and corruption</entry>
<entry colname="3">Insiders and outsiders</entry>
Modified: db/derby/docs/trunk/src/security/csecintrootherdefenses.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrootherdefenses.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrootherdefenses.dita (original)
+++ db/derby/docs/trunk/src/security/csecintrootherdefenses.dita Wed May 4 14:48:28 2022
@@ -44,6 +44,7 @@ account that launches
<ph conref="../conrefs.dita#prod/productshortname"></ph>.</li>
<li><b>Quotas</b>: Limit the file space and CPU that an account can
consume.</li>
+<li><b>Containerization</b>: Use an operating system container to limit resource consumption and access.</li>
</ul>
</conbody>
</concept>
Modified: db/derby/docs/trunk/src/security/csecintrosafer.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrosafer.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrosafer.dita (original)
+++ db/derby/docs/trunk/src/security/csecintrosafer.dita Wed May 4 14:48:28 2022
@@ -35,11 +35,6 @@ not be the operating system's superuser.
Administrator account to just the directories that the application should be
allowed to read and write. Do not grant read or write access on these
directories to any other operating system accounts.</li>
-<li><b>Create a policy file</b>: Write your own Java Security policy that
-restricts the directories that
-<ph conref="../conrefs.dita#prod/productshortname"></ph> can access and the
-sockets on which it can accept connections. See
-<xref href="csecjavasecurity.dita"/> for more information.</li>
<li><b>Prevent JDBC leaks</b>: Do not let JDBC connections leak outside your
intranet's firewall. If possible, design your application so that external
clients talk to an application server, which in turn communicates with
Modified: db/derby/docs/trunk/src/security/csecputtogether.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecputtogether.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecputtogether.dita (original)
+++ db/derby/docs/trunk/src/security/csecputtogether.dita Wed May 4 14:48:28 2022
@@ -23,7 +23,7 @@ limitations under the License.
<shortdesc>This section shows how to enable all available
<ph conref="../conrefs.dita#prod/productshortname"></ph> defenses.</shortdesc>
<conbody>
-<p>This example uses Java security, SSL encryption, NATIVE authentication, and both
+<p>This example uses SSL encryption, NATIVE authentication, and both
coarse-grained and fine-grained authorization.</p>
</conbody>
</concept>
Modified: db/derby/docs/trunk/src/security/tseccsecure81850.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecure81850.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecure81850.dita (original)
+++ db/derby/docs/trunk/src/security/tseccsecure81850.dita Wed May 4 14:48:28 2022
@@ -42,7 +42,6 @@ property.</cmd></step>
are booted, turn on user authentication and SQL authorization for the database.
Use NATIVE authentication or, alternatively, LDAP or a user-defined
class.</cmd></step>
-<step><cmd>Configure Java security for your environment.</cmd></step>
</steps>
<result><p>The following figure shows how disk encryption protects data when the
recipient might not know how to protect data. It is useful for databases
Modified: db/derby/docs/trunk/src/security/tseccsecure82556.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecure82556.dita?rev=1900554&r1=1900553&r2=1900554&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecure82556.dita (original)
+++ db/derby/docs/trunk/src/security/tseccsecure82556.dita Wed May 4 14:48:28 2022
@@ -41,7 +41,6 @@ systems protect network connections with
</step>
<step><cmd>Configure fine-grained user authorization (SQL authorization) for
your databases.</cmd></step>
-<step><cmd>Configure Java security for your environment.</cmd></step>
</steps>
<result><p>The following figure shows some of the
<ph conref="../conrefs.dita#prod/productshortname"></ph> security mechanisms at