Oystein Grovlen - Sun Norway wrote:
Daniel John Debrunner wrote:
> So maybe if Derby is booted as a standalone server with no security
> manager involved, it should install one with a default security
> policy. Thus allowing Derby to use Java security manager to manage
> system privileges but not requiring everyone to become familiar with
> them.
I like this idea very much. Will there be any backward comptibility
issues if we make Derby secure-by-default like this?
I don't believe so. I think a default policy file would cover the
majority of users without change. For those who the policy file did not
work they could run without a security manager or a different policy
file. I.e. I think it would a deliberate change to improve security that
might require some users to make minor configuration changes to use the
new version.
Dan.
