[jira] [Updated] (DERBY-6636) The public api of BaseDataFileFactory may allow blackhats to assume elevated privileges.

Tue, 24 Jun 2014 07:14:46 -0700 

     [ 
https://issues.apache.org/jira/browse/DERBY-6636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rick Hillegas updated DERBY-6636:
---------------------------------

    Description: 
BaseDataFileFactory has a public constructor and a public boot() method. 
Arbitrary code running in the JVM may be able to instantiate a 
BaseDataFileFactory outside of Derby's authentication mechanisms and so acquire 
the ability to read/update Derby-managed data with the privileges granted to 
Derby.  Arbitrary code may be able to interfere with the normal operation of 
Derby and may be able to corrupt data.

This is just an observation based on casual code inspection. It may be that 
there are mechanisms in place which frustrate these attacks. I have not tried 
to exploit these potential vulnerabilities myself.

  was:
BaseDataFileFactory has a public constructor and a public boot() method. 
Arbitrary code running in the JVM may be able to instantiate a 
BaseDataFileFactory outside of Derby's authentication mechanisms and so acquire 
the ability to read/update Derby-managed data with the privileges granted to 
Derby.

This is just an observation based on casual code inspection. It may be that 
there are mechanisms in place which frustrate this attack. I have not tried to 
exploit this potential vulnerability myself.


> The public api of BaseDataFileFactory may allow blackhats to assume elevated 
> privileges.
> ----------------------------------------------------------------------------------------
>
>                 Key: DERBY-6636
>                 URL: https://issues.apache.org/jira/browse/DERBY-6636
>             Project: Derby
>          Issue Type: Bug
>          Components: Store
>    Affects Versions: 10.11.0.0
>            Reporter: Rick Hillegas
>
> BaseDataFileFactory has a public constructor and a public boot() method. 
> Arbitrary code running in the JVM may be able to instantiate a 
> BaseDataFileFactory outside of Derby's authentication mechanisms and so 
> acquire the ability to read/update Derby-managed data with the privileges 
> granted to Derby.  Arbitrary code may be able to interfere with the normal 
> operation of Derby and may be able to corrupt data.
> This is just an observation based on casual code inspection. It may be that 
> there are mechanisms in place which frustrate these attacks. I have not tried 
> to exploit these potential vulnerabilities myself.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to