[
https://issues.apache.org/jira/browse/DERBY-1387?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12566325#action_12566325
]
Daniel John Debrunner commented on DERBY-1387:
----------------------------------------------
For the security issue one idea is consider is packaging Derby's mbeans in a
separate jar file (e.g. derbyjmx.jar).
This jar could be automatically in the class path of derby.jar but having it
separate would allow it to be granted different permissions.
If the mbeans are in derby.jar then they will most likely have the permission
to read Derby's system properties (derby.*),
putting them in a separate jar allows some control to some administrator
(vm-admin?), thus they could have the option of:
- not allowing any jmx access to system properties while continuing to use
the other administration facilities of Derby's mbeans
- allowing only read access to derby's system properties (that are exposed
through Derby's mbeans)
- allowing read/write access to derby's system properties (that are exposed
through Derby's mbeans)
> I noticed Dan's suggestion of including a restricted/limited set of
> MBeans/attributes/operations in the first version of this feature
My suggestion was slightly different, a first patch that gets working mbeans
with limited attributes and operations to allow folks to play with them.
Then any amount of added new functionality before a release that contains
mbeans (ie. 10.4), the only requirement would be some agreement that new
functionality does not expose security holes. E.g. a initial patch of working
functionality could be:
- version mbean - as it is today
- system mbean - maybe any system property read-only that does not expose
security information (e.g. LocksWaitTimeOut ok, DatabaseFullAccessUsers not ok)
- network server mbean - ping only
- database mbean - name, locale, read-only
> Add JMX extensions to Derby
> ---------------------------
>
> Key: DERBY-1387
> URL: https://issues.apache.org/jira/browse/DERBY-1387
> Project: Derby
> Issue Type: New Feature
> Components: Services
> Reporter: Sanket Sharma
> Assignee: John H. Embretsen
> Attachments: DERBY-1387-1.diff, DERBY-1387-1.stat, DERBY-1387-2.diff,
> DERBY-1387-2.stat, DERBY-1387-3.diff, DERBY-1387-3.stat, DERBY-1387-4.diff,
> DERBY-1387-4.stat, DERBY-1387-5.diff, DERBY-1387-5.stat, DERBY-1387-6.zip,
> DERBY-1387-7.zip, DERBY-1387-8.zip, DERBY-1387-9.diff, DERBY-1387-9.stat,
> derbyjmx.patch, jmx.diff, jmx.stat, jmxFuncspec.html, jmxFuncspec.html,
> jmxFuncspec.html, Requirements for JMX Updated.html, Requirements for
> JMX.html, Requirements for JMX.zip
>
>
> This is a draft requirement specification for adding monitoring and
> management extensions to Apache Derby using JMX. The requirements document
> has been uploaded on JIRA as well as the Derby Wiki page at
> http://wiki.apache.org/db-derby/_Requirement_Specifications_for_Monitoring_%26_Management_Extensions_using_JMX
> Developers and Users are requested to please look at the document (feature
> list in particular) and add their own rating to features by adding a coloumn
> to the table.
> Comments are welcome.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
