[ http://issues.apache.org/jira/browse/DERBY-623?page=comments#action_12369559 ]
Kristian Waagan commented on DERBY-623: --------------------------------------- By looking at the description of the bug, I really can't see that the changes I implemented are outside the scope of the bug: "The engine contains code to read system properties using privileged blocks, this should be used by the monitor." About the only thing changed by patch 'DERBY-623-1a.diff' is that the properties (including 'System.getProperties()') that was previously read outside a privileged block is now read inside one. I take your previous comment was related to the parts of the code that use the result of 'System.getProperties()', and removing this should be easy enough for someone that knows the code a little. Based on the comments in the method 'runWithState', I think I'll step down since I don't know the story of the unit tests and the overall function of BaseMonitor. In my opinion, your previous comment points in the direction of a new Jira issue. That said, discarding the current patch and implementing the changes you talk about as part of this issue is fine with me - but for the reason mentioned above this is not my itch. > Derby monitor accesses two system properties without using a privileged block > when built sane=true > -------------------------------------------------------------------------------------------------- > > Key: DERBY-623 > URL: http://issues.apache.org/jira/browse/DERBY-623 > Project: Derby > Type: Bug > Components: Services > Versions: 10.2.0.0 > Reporter: Daniel John Debrunner > Assignee: Kristian Waagan > Priority: Minor > Attachments: DERBY-623-1a.diff, DERBY-623-1a.stat, > DERBY-623-2b-javadoc.diff, DERBY-623-2b-javadoc.stat > > When built with sane=true and testing with the jars these permissions are > required to be granted all the way up the stack, currently this means for the > tests granting them to the network server jar. > permission java.util.PropertyPermission "derby.monitor.verbose", "read"; > permission java.util.PropertyPermission "derby.debug.*", "read"; > The engine contains code to read system properties using privileged blocks, > this should be used by the monitor. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
