[ https://issues.apache.org/jira/browse/DERBY-2925?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12514667 ]
Bryan Pendleton commented on DERBY-2925: ---------------------------------------- Hi Ramin, thanks for the v2 patch, it looks very good. I noticed that part of the patch involves code that will delete the partially-written output file(s) if the EXPORT operation fails. Is that a new behavior of EXPORT? It doesn't seem exactly related to the main issue of DERBY-2925. Do you think that the patch would still be valid without the deleteFile portion? Or is that a necessary component of the patch? thanks, bryan > Prevent export from overwriting existing files > ---------------------------------------------- > > Key: DERBY-2925 > URL: https://issues.apache.org/jira/browse/DERBY-2925 > Project: Derby > Issue Type: Sub-task > Components: Security, Tools > Affects Versions: 10.1.2.1, 10.2.2.0, 10.3.1.3, 10.4.0.0 > Reporter: Kathey Marsden > Assignee: Ramin Moazeni > Attachments: DERBY-2925v0.diff, DERBY-2925v0.stat, DERBY-2925v1.diff, > DERBY-2925v1.stat, DERBY-2925v2.diff, DERBY-2925v2.stat > > > Export should not overwrite existing files, but rather insist that the user > remove them before writing to the file. This will help prevent accidental or > intentional corruption of the database with export. This may introduce a > compatibility issue with export but because export is usually an attended > utility and not typically invoked as part of an application, I think the risk > is worth the additional security this will provide. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.