[jira] Commented: (DERBY-3532) Invalid & possibly skipped authentication handling when shutting down the network server.

Fri, 07 Aug 2009 03:14:43 -0700 

    [ 
https://issues.apache.org/jira/browse/DERBY-3532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12740488#action_12740488
 ] 

Dag H. Wanvik commented on DERBY-3532:
--------------------------------------

Not sure if I understand this entirely, but as I read this thread, it is in 
some connection modes possible to shut down the engine underneath the network 
server, in other modes it is not possible? 
If so, it seems wrong that it should be possible to take down the engine when 
the server is running. It seems to me, the correct sequence is to first take 
down the server, then the engine.



> Invalid & possibly skipped  authentication handling when shutting down the 
> network server.
> ------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3532
>                 URL: https://issues.apache.org/jira/browse/DERBY-3532
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>    Affects Versions: 10.4.1.3, 10.5.1.1
>            Reporter: Daniel John Debrunner
>            Priority: Critical
>         Attachments: DERBY-3532.diff, ReproDerby3532.java, ReproDerby3532.java
>
>
> In NetworkServerControlImpl.checkShutdownPrivileges() code fetches the 
> internal authentication service to perform user authentication.
> However if no such authentication service is found (null is returned) then 
> authentication is bypassed, this has the potential of being a security hole.
> The discussion in DERBY-2109 indicated that even with authentication NONE, 
> there is still an internal authentication service, thus null is not a valid 
> return when getting the internal authentication service. A secure fail safe 
> system would be to not bypass authentication if null is returned.
> I tried removing the check for null in the method and that lead to 
> NullPointerExceptions. This means that something wrong is going on and very 
> possibly no authentication checks are actually being made when shutting down 
> the network server.
> The null return might be due to checking the authentication after Derby has 
> been shutdown.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to