[
https://issues.apache.org/jira/browse/DERBY-3086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12540437
]
Rick Hillegas commented on DERBY-3086:
--------------------------------------
Thanks for the quick feedback, Kathey. It looks as though I need to grant the
sysinfo permissions to derbyclient.jar as well.
Could you explain the incompatibility which you see is being introduced? I
didn't understand your concern. Here is a little more information which may
help: The code which sets DRDA_PROP_TRACEDIRECTORY is called before the
security manager is installed, so there is no need to grant write access to
that property. Thanks.
> The server policy needs to grant derbynet.jar more permissions so that
> sysinfo and drda tracing will work
> ---------------------------------------------------------------------------------------------------------
>
> Key: DERBY-3086
> URL: https://issues.apache.org/jira/browse/DERBY-3086
> Project: Derby
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.3.1.4
> Reporter: Rick Hillegas
> Assignee: Rick Hillegas
> Attachments: derby-3086-01-morePermissions-aa.diff
>
>
> More permissions need to be granted to derbynet.jar in the server.policy
> file. David van Couvering reports that if you bring up the server and run the
> following command:
> java -jar derbyrun.jar server sysinfo
> then you get security exceptions as the sysinfo code, running inside the
> network jarball tries to read user.dir, user.home, user.name, java.home, and
> java.class.path.
> Kathey Marsden reports that if you try to run the network server with drda
> tracing turned on, then you get security exceptions when the server tries to
> open the trace log file.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
