[
https://issues.apache.org/jira/browse/DERBY-4708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rick Hillegas updated DERBY-4708:
---------------------------------
Fix Version/s: 10.6.2.0
10.6.2.1
10.7.0.0
> In the Administration Guide, clarify that you need to adjust file permissions
> in your security policy in order to prevent import/export from accessing
> sensitive files outside your Derby subsystem
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-4708
> URL: https://issues.apache.org/jira/browse/DERBY-4708
> Project: Derby
> Issue Type: Improvement
> Components: Documentation
> Affects Versions: 10.6.1.0
> Reporter: Rick Hillegas
> Assignee: Rick Hillegas
> Fix For: 10.6.2.0, 10.6.2.1, 10.7.0.0
>
> Attachments: derby-4708-01-aa-clarification.diff,
> derby-4708-01-aa-clarification.tar, derby-4708-01-ab-clarification.diff
>
>
> Right now the Derby Administration Guide advises users to adjust permissions
> in their security policy file in order to prevent backup/restore from
> clobbering and inspecting sensitive files outside the Derby subsystem. This
> advice can be found in the section titled "Basic Network Server security
> policy". This section should be clarified to note that you can suffer similar
> exposure from the export/import procedures and that you need to adjust your
> security policy for them as well.
> Note that this section does link to another, detailed section, which
> describes the security policy implications for both backup/restore and
> export/import: "Customizing the Network Server's security policy".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
