[
https://issues.apache.org/jira/browse/DERBY-2109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12574808#action_12574808
]
Myrna van Lunteren commented on DERBY-2109:
-------------------------------------------
I think one or more of the commits may have caused weme6.1 (my J2ME/JSR169
implementation) to run into 152 failed tests in derbyall.
The last one in the report for example has a failure diff like so:
====================
*** Start: T_MarkedLimitInputStream jdkJ2ME Foundation Specification v1.1
derbyall:unit 2008-03-01 07:05:44 ***
1 del
< -- Unit Test T_MarkedLimitInputStream starting
2 del
< -- Unit Test T_MarkedLimitInputStream finished
2 add
> Parsing policy file:
> file:C:/jartest/JarResults.2008-02-29/weme6.1_derbyall/derby_tests.policy,
> found unexpected: permission
> xxxxxxFILTERED-TIMESTAMPxxxxxGMT Thread[main,5,main]
> java.security.AccessControlException: Access denied (java.io.FilePermission
> derby.log read)
> xxxxxxFILTERED-TIMESTAMPxxxxxGMT Thread[main,5,main] Cleanup action starting
> ERROR XBM02: Startup failed due to missing functionality for
> org.apache.derbyTesting.unitTests.harness.UnitTestManager. Please ensure your
> classpath includes the correct Derby software.
> Cleanup action completed
> xxxxxxFILTERED-TIMESTAMPxxxxxGMT Thread[main,5,main]
> xxxxxxFILTERED-TIMESTAMPxxxxxGMT Thread[main,5,main] Startup failed due to
> missing functionality for
> org.apache.derbyTesting.unitTests.harness.UnitTestManager. Please ensure your
> classpath includes the correct Derby software.
> ERROR XBM02: Startup failed due to missing functionality for
> org.apache.derbyTesting.unitTests.harness.UnitTestManager. Please ensure your
> classpath includes the correct Derby software.
Test Failed.
=================
I understood from the discussion re DERBY-3445 that with this jvm I need to run
with properties spelled out (so I'm now running with -Demma.active=""). Is
there some property I need to specify for these changes too that I missed?
Any other suggestions?
There is no derby.log, and (so) no stack trace...
> System privileges
> -----------------
>
> Key: DERBY-2109
> URL: https://issues.apache.org/jira/browse/DERBY-2109
> Project: Derby
> Issue Type: New Feature
> Components: Security
> Affects Versions: 10.3.1.4
> Reporter: Rick Hillegas
> Assignee: Martin Zaun
> Attachments: DERBY-2109-02.diff, DERBY-2109-02.stat,
> derby-2109-03-javadoc-see-tags.diff, DERBY-2109-04.diff, DERBY-2109-04.stat,
> DERBY-2109-05and06.diff, DERBY-2109-05and06.stat, DERBY-2109-07.diff,
> DERBY-2109-07.stat, DERBY-2109-08.diff, DERBY-2109-08.stat,
> DERBY-2109-08_addendum.diff, DERBY-2109-08_addendum.stat, DERBY-2109-09.diff,
> DERBY-2109-09.stat, DERBY-2109-10.diff, DERBY-2109-10.stat,
> DERBY-2109-11.diff, DERBY-2109-11.stat, DERBY-2109-12.diff,
> DERBY-2109-12.stat, SystemPrivilegesBehaviour.html, systemPrivs.html,
> systemPrivs.html, systemPrivs.html, systemPrivs.html
>
>
> Add mechanisms for controlling system-level privileges in Derby. See the
> related email discussion at
> http://article.gmane.org/gmane.comp.apache.db.derby.devel/33151.
> The 10.2 GRANT/REVOKE work was a big step forward in making Derby more
> secure in a client/server configuration. I'd like to plug more client/server
> security holes in 10.3. In particular, I'd like to focus on authorization
> issues which the ANSI spec doesn't address.
> Here are the important issues which came out of the email discussion.
> Missing privileges that are above the level of a single database:
> - Create Database
> - Shutdown all databases
> - Shutdown System
> Missing privileges specific to a particular database:
> - Shutdown that Database
> - Encrypt that database
> - Upgrade database
> - Create (in that Database) Java Plugins (currently Functions/Procedures,
> but someday Aggregates and VTIs)
> Note that 10.2 gave us GRANT/REVOKE control over the following
> database-specific issues, via granting execute privilege to system
> procedures:
> Jar Handling
> Backup Routines
> Admin Routines
> Import/Export
> Property Handling
> Check Table
> In addition, since 10.0, the privilege of connecting to a database has been
> controlled by two properties (derby.database.fullAccessUsers and
> derby.database.defaultConnectionMode) as described in the security section of
> the Developer's Guide (see
> http://db.apache.org/derby/docs/10.2/devguide/cdevcsecure865818.html).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
