[
https://issues.apache.org/jira/browse/DERBY-6631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Knut Anders Hatlen updated DERBY-6631:
--------------------------------------
Attachment: d6631-1a-setThreadPriority.diff
Attached is a patch ([^d6631-1a-setThreadPriority.diff]) that makes
FileMonitor.setThreadPriority() stop using doPrivileged(). Instead, each caller
has to wrap its call to FileMonitor.setThreadPriority() in doPrivileges(). This
way, the privileged operation is not exposed publicly.
> FileMonitor can be used to elevate an application's privileges
> --------------------------------------------------------------
>
> Key: DERBY-6631
> URL: https://issues.apache.org/jira/browse/DERBY-6631
> Project: Derby
> Issue Type: Bug
> Components: Services
> Affects Versions: 10.11.1.1
> Reporter: Rick Hillegas
> Attachments: d6631-1a-setThreadPriority.diff
>
>
> Various vulnerabilities in FileMonitor allow applications to perform
> security-sensitive operations with the elevated privileges granted to Derby:
> getDaemonThread() - The application can call this method in order to create
> threads, using Derby's elevated privileges.
> getJVMProperty() - The application can call this in order to read system
> properties using Derby's elevated privileges.
> setThreadPriority() - The application can call this method to change the
> priority of a daemon thread it has created. This call will execute with
> Derby's elevated privileges.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
