[
https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12504852
]
Dag H. Wanvik commented on DERBY-2811:
--------------------------------------
Thanks for addressing this Rick!
I think this patch fixes both DERBY-2811 and DERBY-2814, great.
* There is possibly a bug still:
It seems Derby supports IPv6, found this in the docs:
//accepts connections from other hosts on an IPV6 system
NetworkServerControl serverControl = new
NetworkServerControl(InetAddress.getByName("::"),1527);
So, it seems, if the user has an IPv6 system, she would give -h "::"
and that might fail with SocketPermission in the same
way as "0.0.0.0"?
* Also, I think we should update the user docs with the fact that this
automatics translation from "0.0.0.0"/"::" to "*" happens; some users
might puzzle over it if they knew the SocketPermission syntax
well.... ;) And perhaps would try supplying Derby with a -h "*" :(
* Question: When you set derby.drda.host finally (I had some problem
understanding the comment's use of "force"), after Derby has created
its socket and you have possibly change the syntax, so that the
security manager will see the correct syntax when reading the policy
file, the underlying premise is that Derby is done with using its
value for socket creation purposes.
There is code in the server which sends properties to the client,
cf. NetworkServerControlImpl#sendPropInfo->getPropertyValues which
reads the host value from hostArg, rather than from the current value
of derby.drda.host, which is the right thing to do, since, hostArg
has the correct syntax, but it is slightly confusing, since, at that
point in time, the values of sent derby.drda.host (==hostArg) and
server's derby.drda.host will have (possibly syntactically) different
values. Would it perhaps be useful to reset the value of
derby.drda.host to the Derby syntax after the security manager is
done with (I guess you might need to temporarily set it again if
refreshing the security file later though), so as to avoid confusion
and possible bugs down the line?
In short, let derby.drda.host only have the SocketPermission syntax
temporarily when creating security manager and when reloading policy
file.
*Or* it should be the other way around, that after this point in
time, the syntax will remain compliant with SocketPermission. Either
way, I'd love the comment to explain this in some more detail. Maybe
a comment in Property.java where DRDA_PROP_HOSTNAME is declared and on
declaration of 'hostArg' is due as well.
* I looked at the modified test and decorator but I need to read some
more before I can comment on those changes.
* Nits:
- some lines > 80
> Specifying -h 0.0.0.0 with default security manager bars clients from
> connecting from any host
> ----------------------------------------------------------------------------------------------
>
> Key: DERBY-2811
> URL: https://issues.apache.org/jira/browse/DERBY-2811
> Project: Derby
> Issue Type: Bug
> Components: Network Server, Security
> Affects Versions: 10.3.0.0
> Reporter: Dag H. Wanvik
> Assignee: Rick Hillegas
> Attachments: derby-2811-01.diff
>
>
> The default policy file installed has this stanza:
> :
> permission java.net.SocketPermission "${derby.drda.host}:*", "accept";
> :
> Normally, specifying -h 0.0.0.0 to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
