[ https://issues.apache.org/jira/browse/DERBY-6224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13669611#comment-13669611 ]

Rick Hillegas commented on DERBY-6224:
--------------------------------------

Thanks for that analysis and for the patch, Knut. I see three issues involved 
here. Two are Derby-specific:

1) Unrestricted permission for orderly engine shutdown.

2) Unrestricted permission for component removal.

...and the third is a broader JDBC concern:

3) A denial-of-service vulnerability associated with unrestricted access to 
DriverManager.deregisterDriver().

As I understand it, SQLPermission( "deregisterDriver" ) was introduced to 
address (3). The permission is very broad. You can either mount the DOS attack 
against all servers or against none. I agree with your conclusion that orderly 
Derby shutdown should not open up a broad DOS attack against other servers. 
Since Derby only attempts to deregister its own driver, there is little risk in 
granting this SQLPermission to Derby all of the time. Your approach sounds good 
to me.

There is still the vulnerability to other DOS attacks on Derby via (1) and (2). 
I think that we can continue that discussion on DERBY-586. Thanks.

                
> Many test failures on latest JDK 8 EA build because of missing SQLPermission
> ----------------------------------------------------------------------------
>
>                 Key: DERBY-6224
>                 URL: https://issues.apache.org/jira/browse/DERBY-6224
>             Project: Derby
>          Issue Type: Bug
>          Components: Test
>    Affects Versions: 10.11.0.0
>         Environment: java version "1.8.0-ea"
> Java(TM) SE Runtime Environment (build 1.8.0-ea-b89)
> Java HotSpot(TM) 64-Bit Server VM (build 25.0-b31, mixed mode)
>            Reporter: Knut Anders Hatlen
>         Attachments: derby-6224-01-a.diff
>
>
> With the latest EA build of JDK 8 (build 1.8.0-ea-b89), I see many failures 
> in suites.All. For example:
> 1) testStartNetworkServerFalse(org.apache.derbyTesting.functionTests.tests.derbynet.DerbyNetAutoStartTest)java.security.AccessControlException: access denied ("java.sql.SQLPermission" "deregisterDriver")
>       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:364)
>       at java.security.AccessController.checkPermission(AccessController.java:562)
>       at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>       at java.sql.DriverManager.deregisterDriver(DriverManager.java:399)
>       at org.apache.derby.jdbc.AutoloadedDriver.unregisterDriverModule(AutoloadedDriver.java:263)
>       at org.apache.derby.jdbc.Driver20.stop(Driver20.java:105)
>       at org.apache.derby.impl.services.monitor.TopService.stop(TopService.java:443)
>       at org.apache.derby.impl.services.monitor.TopService.shutdown(TopService.java:394)
>       at org.apache.derby.impl.services.monitor.BaseMonitor.shutdown(BaseMonitor.java:227)
>       at org.apache.derby.impl.services.monitor.FileMonitor.shutdown(FileMonitor.java:44)
>       at org.apache.derby.impl.services.monitor.BaseMonitor.shutdown(BaseMonitor.java:197)
>       at org.apache.derby.impl.services.monitor.FileMonitor.shutdown(FileMonitor.java:44)
>       at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:255)
>       at org.apache.derby.jdbc.Driver20.connect(Driver20.java:246)
>       at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:145)
>       at java.sql.DriverManager.getConnection(DriverManager.java:661)
>       at java.sql.DriverManager.getConnection(DriverManager.java:208)
>       at org.apache.derbyTesting.junit.DriverManagerConnector.getConnectionByAttributes(DriverManagerConnector.java:204)
>       at org.apache.derbyTesting.junit.DriverManagerConnector.shutEngine(DriverManagerConnector.java:171)
>       at org.apache.derbyTesting.junit.TestConfiguration.shutdownEngine(TestConfiguration.java:1822)
>       at org.apache.derbyTesting.functionTests.tests.derbynet.DerbyNetAutoStartTest.setUp(DerbyNetAutoStartTest.java:82)
>       at org.apache.derbyTesting.junit.BaseTestCase.runBare(BaseTestCase.java:117)
>       at org.apache.derbyTesting.junit.BaseJDBCTestCase.runBareOverridable(BaseJDBCTestCase.java:439)
>       at org.apache.derbyTesting.junit.BaseJDBCTestCase.runBare(BaseJDBCTestCase.java:456)
>
> What's new in EA build 89 is that DriverManager.deregisterDriver() now 
> requires an SQLPermission when running under a security manager. Most of 
> suites.All runs under a security manager, and Derby's engine shutdown code 
> calls deregisterDriver(), so this problem probably affects all tests that 
> shut down the engine.
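
One way to scope the permission discussed in the comment above, as an added example that is not part of the original message or of the attached Derby patch: a policy grant limited to the engine jar, and a driver that deregisters only itself inside a privileged block. The class name `OwnDriverDeregistration` and the codeBase path are hypothetical placeholders; the code targets the Java 8 security manager API that the issue concerns.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.sql.Driver;
import java.sql.DriverManager;
import java.sql.SQLException;

// Added example, not Derby's code. Hypothetical class name.
//
// Policy grant scoped to the engine jar only (codeBase is a placeholder):
//
//   grant codeBase "file:/PLACEHOLDER/path/to/derby.jar" {
//       permission java.sql.SQLPermission "deregisterDriver";
//   };
//
// A bare `grant { ... }` with no codeBase would give the same permission to
// all code in the JVM, which is the broad exposure described in item (3).
public final class OwnDriverDeregistration {

    /** Returns true if the driver was deregistered, false if a SecurityException blocked it. */
    static boolean deregisterOwn(final Driver ownDriver) throws SQLException {
        try {
            // doPrivileged stops the permission check at this class's protection
            // domain, so callers further up the stack (application or test code)
            // do not need the SQLPermission themselves.
            SQLException failure = AccessController.doPrivileged(
                (PrivilegedAction<SQLException>) () -> {
                    try {
                        // Only the driver instance this code registered is passed in.
                        DriverManager.deregisterDriver(ownDriver);
                        return null;
                    } catch (SQLException e) {
                        return e;
                    }
                });
            if (failure != null) {
                throw failure;
            }
            return true;
        } catch (SecurityException denied) {
            // AccessControlException is a SecurityException: the policy does not
            // grant SQLPermission "deregisterDriver" to this code's jar.
            return false;
        }
    }
}
```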
