[ https://issues.apache.org/jira/browse/DERBY-2206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12467849 ]

Daniel John Debrunner commented on DERBY-2206:
----------------------------------------------

But in other cases the specs indicate breaking existing applications is ok, 
such as booting the network server with a security manager, limiting database 
creation, database shutdown, upgrade & encryption.
I think affecting existing applications is ok if by default it closes security 
holes, especially when there is an easy workaround (boot the network server with 
-unsecure, set derby.database.classpath to an empty string).

I also think that opting into the secure mode is the incorrect default (as in  
derby.database.classpath=sys.sqlj), Derby should be secure by default and have 
the flexibility to reduce restrictions.

I've also been thinking that since the various security changes assume system 
and/or database authentication, maybe some of the restrictions should not be 
enforced if authentication is *not* enabled.
E.g. with no authentication:
   allow any user to create databases & shutdown the system
   allow any user to upgrade, encrypt, shutdown database
   allow any routine entry point

and maybe
   don't boot the network server from the command line if no authentication 
unless '-unsecure' is set. This stops a false sense of security.

I think these changes would make the impact on existing users less.

> Provide complete security model for Java routines
> -------------------------------------------------
>
>                 Key: DERBY-2206
>                 URL: https://issues.apache.org/jira/browse/DERBY-2206
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Rick Hillegas
>
> Add GRANT/REVOKE mechanisms to control which jar files can be mined for 
> user-created objects such as Functions and Procedures. In the future this may 
> include Aggregates and Function Tables also. The issues are summarized on the 
> following wiki page: http://wiki.apache.org/db-derby/JavaRoutineSecurity. 
> Plugin management can be tracked by this JIRA rather than by DERBY-2109. This 
> is a master JIRA to which subtasks can be linked.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
