[
https://issues.apache.org/jira/browse/DERBY-6980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16671661#comment-16671661
]
Rick Hillegas commented on DERBY-6980:
--------------------------------------
Attaching derby-6980-03-aa-securityPolicies.diff. This patch cleans up the
documentation on security policies and brings it up to date with the security
changes made by the modularization work on DERBY-6945. Also attaching
derby-6980-03-aa-securityPolicies.tar, a tarball of the generated html. The
best way to review these changes is to unpack the tarball and point your
browser at index.html. This patch incorporates security policy templates which
were generated by work on DERBY-3547. That work will be submitted for review
soon.

The existing documentation on security policies has always confused me. The
existing template and sample policies don't describe any real Derby
configuration. They don't even describe a union of the Derby configurations.
For instance, they don't provide any guidance on how to configure a security
policy for a client application running on a remote machine.

Instead, this patch builds on the module diagrams and on the idea that Derby
can be run in several different configurations, each of which needs its own
template policy file.

This patch makes the following changes:
1) Clarifies the description of the privileges needed for import/export,
backup/restore, and jar file loading, pointing out that the target directories
should be in a branch of the file system controlled by the database owner or
the user who booted the JVM.
2) Points out that system properties can be used to avoid having to customize
the template policies.
3) Removes the confusing material about having to grant sysinfo privileges to
all jar files. The work on DERBY-6945 isolated the sysinfo logic in the tools
module so that the corresponding privileges only need to be granted to
derbytools.jar.
4) Replaces the one-size-doesn't-fit-anyone template policy with separate
template policies for the following important configurations: embedded engine,
server, remote client, and local tools.
5) Replaces the customized policy file with a customized version of the server
policy, arguably the most security-critical configuration.

Touches the following files:
{noformat}
--------------------------------
M src/security/csecjavasecurity.dita
Simplify the overview of security policies.
--------------------------------
A src/security/rsecbasicclient.dita
A src/security/rsecbasicengine.dita
A src/security/rsecbasicserver.dita
A src/security/rsecbasictools.dita
D src/security/rsecnetservbasic.dita
M src/security/secderby.ditamap
Replace the one-size-doesn't-fit-anyone template policy with separate
templates for the engine, server, client, and tools configurations.
--------------------------------
M src/security/rsecpolicysample.dita
Replace the example policy file with a customized server policy.
{noformat}
> Documentation changes to accompany jigsaw-modularization of derby
> -----------------------------------------------------------------
>
> Key: DERBY-6980
> URL: https://issues.apache.org/jira/browse/DERBY-6980
> Project: Derby
> Issue Type: Task
> Components: Documentation
> Affects Versions: 10.15.0.0
> Reporter: Rick Hillegas
> Assignee: Rick Hillegas
> Priority: Major
> Attachments: derby-6980-01-aa-moduleDiagramsInJavadoc.diff,
> derby-6980-02-aa-addOverviewPageToInternalJavadoc.diff,
> derby-6980-03-aa-securityPolicies.diff, derby-6980-03-aa-securityPolicies.tar
>
>
> This is a place to collect the documentation changes which must be made as a
> result of the work on DERBY-6945.