You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Andrew McIntyre (JIRA)" <de...@db.apache.org> on 2006/08/09 08:50:14 UTC
[jira] Updated: (DERBY-1273) Sysinfo should print a better message
when it gets Security Exceptions accessing classpath info when run under
security manager
[ http://issues.apache.org/jira/browse/DERBY-1273?page=all ]
Andrew McIntyre updated DERBY-1273:
-----------------------------------
Assignee: (was: Andrew McIntyre)
After examining the behavior with and without the patch I currently have attached to this issue, I believe that the current behavior, without this patch, is desirable. With the patch, there is no output at all which indicates that the JCC driver could not be accessed, regardless of the permissions granted to sysinfo, and it appears that with the patch, there occurs some unwanted behavior with the -cp options to sysinfo where some output which previously reported useful security exceptions will fail silently and report success at the end.
I believe that the release note attached to DERBY-688 covers the problem reported with this issue. I would appreciate it if the reporter could close this issue if they agree with that assessment.
> Sysinfo should print a better message when it gets Security Exceptions accessing classpath info when run under security manager
> --------------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-1273
> URL: http://issues.apache.org/jira/browse/DERBY-1273
> Project: Derby
> Issue Type: Improvement
> Components: Tools
> Affects Versions: 10.2.0.0
> Reporter: Kathey Marsden
> Priority: Minor
> Fix For: 10.2.0.0
>
> Attachments: derby-1273-v2.diff, DERBY-1273.diff
>
>
> If sysinfo does not have getProtectionDomain privileges it cannot get some information during classpath handling.
> When this occurs it prints Java Security Exceptions in the output e.g.
> JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
> [C:\bryan\src\derby\main\trunk\jars\sane\derby.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbytools.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbynet.jar] 10.2.0.0 alpha - (398049M)
> [C:\bryan\src\derby\main\trunk\jars\sane\derbyclient.jar] 10.2.0.0 alpha - (398049M)
> [Unable to access Protection Domain or Code Source for class class com.ibm.db2.jcc.DB2Driver: access denied (java.lang.RuntimePermission getProtectionDomain)] 2.4 - (17)
> [C:\bryan\src\derby\main\trunk\jars\sane\db2jcc_license_c.jar] 2.4 - (17)
> [Java Security Exception: access denied (java.io.FilePermission c:\bryan\src\derby\main\trunk\tools\java\jakarta-oro-2.0.8.jar read)]
> [Java Security Exception: access denied (java.io.FilePermission c:\bryan\src\derby\main\trunk\tools\java\junit.jar read)]
> See DERBY-1229 notes.html for a complete explanation of the output.
> I am actually not sure what information is actually missing from sysinfo in this case but I think it would be better if sysinfo just printed the classpath and then printed a generic warning with the information that it was not able to report rather than printing the Security exceptions explicitly.
> This would be especially helpful for NetworkServerControl sysinfo because users are always encouraged to run network server in security manager.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira