[ http://issues.apache.org/jira/browse/DERBY-1056?page=comments#action_12368009 ]
Daniel John Debrunner commented on DERBY-1056: ---------------------------------------------- Just to be clear, I wasn't suggesting that security issues related to localhost be removed from this bug. I was just pointing out for the two issues Kathey raised it dodn't seem to me that there was a problem. I think the use of the network server in a single but shaared machine is an interesting scenario to understand. It seems like at least the warning should be issued if a database with no authentication is accessible through the network server, regardless of local or remote host. > Print a security warning to derby.log and network server console if network > server is started with remote connections enabled and security manager, user > authentication, and ecrypted userid are not on > ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: DERBY-1056 > URL: http://issues.apache.org/jira/browse/DERBY-1056 > Project: Derby > Type: Improvement > Components: Network Server, Security > Reporter: Kathey Marsden > Fix For: 10.2.0.0 > > Information and questions from the user list seem to indicate that often > users enable remote connections by starting network server with the -h > 0.0.0.0 or -h <machinename> option without taking proper security measures. > I think it would be worthwhile to print a security warning the console and > derby.log if network server is starated without the proper security in place. > Serious security issues exist when starting network server and allowing > remote connections unless users: > - Run in security manager with permissions restricted as much as possible. > - Enable user authentication > - Use encrypted userid/password (Currently only available with IBMJCE) > - Maybe also print a warning if bootPassword is sent in the > connectionAttributes, since this cannot be encrypted. (I had thought there > was a jira issue for this but can't find it.) > An example of such an attack might include creating databases until the host > machine disk filled up, deleting all user data etc. > Related issues: > DERBY-65 > DERBY-474 > DERBY -528 > DERBY-962 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira