[
https://issues.apache.org/jira/browse/DERBY-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14630589#comment-14630589
]
ASF subversion and git services commented on DERBY-6741:
--------------------------------------------------------
Commit 1691466 from [~bryanpendleton] in branch 'code/trunk'
[ https://svn.apache.org/r1691466 ]
DERBY-6741: User code can get the ContextManager from an EmbedConnection
This change adjusts NoDBInternalsPermissionTest so that the try block in
test_002_EmbedConnection covers the getConnection() call. At least in my
particular configuration, the getConnection() call can raise the (expected)
AccessControlException due to this test's security policy.
> User code can get the ContextManager from an EmbedConnection
> ------------------------------------------------------------
>
> Key: DERBY-6741
> URL: https://issues.apache.org/jira/browse/DERBY-6741
> Project: Derby
> Issue Type: Bug
> Components: JDBC, Services
> Reporter: Rick Hillegas
> Assignee: Rick Hillegas
> Fix For: 10.12.0.0
>
> Attachments: derby-6741-01-aa-usederbyinternals.diff, derby.log,
> error-stacktrace.out
>
>
> EmbedConnection.getContextManager() is a public method. Exposing internals
> like the ContextManager is a security risk.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
