In the Administration Guide, clarify that you need to adjust file permissions
in your security policy in order to prevent import/export from accessing
sensitive files outside your Derby subsystem
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: DERBY-4708
URL: https://issues.apache.org/jira/browse/DERBY-4708
Project: Derby
Issue Type: Improvement
Components: Documentation
Affects Versions: 10.6.1.0
Reporter: Rick Hillegas
Right now the Derby Administration Guide advises users to adjust permissions in
their security policy file in order to prevent backup/restore from clobbering
and inspecting sensitive files outside the Derby subsystem. This advice can be
found in the section titled "Basic Network Server security policy". This
section should be clarified to note that you can suffer similar exposure from
the export/import procedures and that you need to adjust your security policy
for them as well.
Note that this section does link to another, detailed section, which describes
the security policy implications for both backup/restore and export/import:
"Customizing the Network Server's security policy".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
