[jira] [Comment Edited] (DERBY-7138) Remove references to the Java Security Manager
[
https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17525025#comment-17525025
]
Richard N. Hillegas edited comment on DERBY-7138 at 4/20/22 2:52 PM:
-
Attaching derby-7138-11-aa-miscCleanup.diff. This patch makes the following
changes:
1) Removes unused references to policy files which no longer exist.
2) Removes the upgrade tests for SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY().
With this patch, tests pass cleanly both with the classpath and with the
modulepath.
The upgrade tests also pass cleanly using the following set of starting points:
{noformat}
10.1.1.0
10.1.2.1
10.1.3.1
10.2.1.6
10.2.2.0
10.2.2.1
10.3.3.0
10.4.1.3
10.4.2.0
10.4.2.1
10.5.1.1
10.5.3.0
10.6.1.0
10.6.2.1
10.7.1.1
10.8.1.2
10.8.2.2
10.9.1.0
10.10.1.1
10.10.1.2
10.10.1.3
10.10.2.0
10.11.1.1
10.12.1.1
10.13.1.1
10.14.1.0
10.14.2.0
10.15.1.3
10.15.2.0
{noformat}
Touches the following files:
{noformat}
M java/org.apache.derby.engine/org/apache/derby/impl/jdbc/Util.java
M
java/org.apache.derby.server/org/apache/derby/drda/NetworkServerControl.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/harness/jvm.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/GetCurrentPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ServerPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPAuthenticationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneBackupTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneJarLoadingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.java
Changes for (1).
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_3.java
Changes for (2).
{noformat}
was (Author: rhillegas):
Attaching derby-7138-11-aa-miscCleanup.diff. This patch makes the following
changes:
1) Removes unused references to policy files which no longer exist.
2) Removes the upgrade tests for SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY().
With this patch, tests pass cleanly both with the classpath and with the
modulepath.
Touches the following files:
{noformat}
M java/org.apache.derby.engine/org/apache/derby/impl/jdbc/Util.java
M
java/org.apache.derby.server/org/apache/derby/drda/NetworkServerControl.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/harness/jvm.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/GetCurrentPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ServerPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPAuthenticationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneBackupTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneJarLoadingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.java
Changes for (1).
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_3.java
Changes for (2).
{noformat}
> Remove references to the Java Security Manager
> --
>
> Key: DERBY-7138
> URL: https://issues.apache.org/jira/browse/DERBY-7138
> Project: Derby
> Issue Type: Task
> Components: Build tools, Documentation
>Affects Versions: 10.16.0.0
>Reporter: Richard N. Hillegas
>Assignee: Richard N. Hillegas
>Priority: Major
> Attachments: DerbyServerTest.java, Z.java,
> derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff,
> derby-7138-02-ab-moveMethodsToTestConfiguration.diff,
> derby-7138-03-aa-removePermissionsTests.diff,
>
[jira] [Comment Edited] (DERBY-7138) Remove references to the Java Security Manager
[
https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522520#comment-17522520
]
Richard N. Hillegas edited comment on DERBY-7138 at 4/14/22 7:56 PM:
-
Attaching derby-7138-06-aa-removeSecurityManagerSetup.diff. This patch removes
the SecurityManagerTest class, used for testing. With this patch, tests passed
cleanly with both the classpath and the modulepath.
Touches the following files:
{noformat}
D
java/org.apache.derby.tests/org/apache/derbyTesting/junit/SecurityManagerSetup.java
Delete this class of support methods.
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/harness/jvm.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/BaseTestCase.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/TestConfiguration.java
Remove references to the deleted class.
{noformat}
was (Author: rhillegas):
Attaching derby-7138-06-aa-removeSecurityManagerSetup.diff. This patch removes
the SecurityManagerTest class, used for testing. With this patch, tests passed
cleanly with both the classpath and the modulepath.
Touches the following files:
{noformat}
D
java/org.apache.derby.tests/org/apache/derbyTesting/junit/SecurityManagerSetup.java
Delete this class of support methods.
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/harness/jvm.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/BaseTestCase.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/junit/TestConfiguration.java
Remove references to the deleted class.
{noformat
> Remove references to the Java Security Manager
> --
>
> Key: DERBY-7138
> URL: https://issues.apache.org/jira/browse/DERBY-7138
> Project: Derby
> Issue Type: Task
> Components: Build tools, Documentation
>Affects Versions: 10.16.0.0
>Reporter: Richard N. Hillegas
>Assignee: Richard N. Hillegas
>Priority: Major
> Attachments: DerbyServerTest.java, Z.java,
> derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff,
> derby-7138-02-ab-moveMethodsToTestConfiguration.diff,
> derby-7138-03-aa-removePermissionsTests.diff,
> derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff,
> derby-7138-05-aa-removeSecurityManager.diff,
> derby-7138-06-aa-removeSecurityManagerSetup.diff
>
>
> The Open JDK team has deprecated the Java Security Manager and indicated that
> it will be removed in a future release of Java. See
> https://openjdk.java.net/jeps/411. In an email thread titled "protecting
> security-sensitive operations on multi-tenant servers" on the
> security-...@openjdk.java.net mailing list, Alan Bateman indicated that
> developers should containerize their applications instead.
> This issue tracks work needed to remove Derby's references to the Java
> Security Manager.
> At a minimum, the following work needs to be done:
> o The tests should be adjusted so that they don't install a SecurityManager.
> o References to the SecurityManager should be removed from product code.
> o We should remove the SecurityManager section of the Derby Security Guide.
> In its place, we should recommend that developers containerize their Derby
> applications.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Comment Edited] (DERBY-7138) Remove references to the Java Security Manager
[
https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522001#comment-17522001
]
Richard N. Hillegas edited comment on DERBY-7138 at 4/14/22 1:31 AM:
-
Attaching derby-7138-05-aa-removeSecurityManager.diff. This patch makes the
following changes:
1) Make the network server no longer install a SecurityManager.
2) Adjust the JUnit tests so that they no longer install a SecurityManager.
3) Remove a couple, straggling permissions tests not included in the previous
derby-7138-03-aa-removePermissionsTests.diff checkin.
With this patch, tests passed cleanly with both the classpath and modulepath.
Touches the following files:
{noformat}
M
java/org.apache.derby.server/org/apache/derby/drda/NetworkServerControl.java
Changes necessary for (1).
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/compatibility/_Suite.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/GetCurrentPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlClientCommandTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ProtocolTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SSLTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ServerPropertiesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SysinfoTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbc4/Driver40UnbootedTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/AutoloadTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/InvalidLDAPServerAuthenticationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPAuthenticationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/AggregateClassLoadingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/DBInJarTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/DatabaseClassLoadingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/Derby5652.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/HalfCreatedDatabaseTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneBackupTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneCoarseAuthorizationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneCollationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneInMemoryTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneJarLoadingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneSupportTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/NewOptimizerOverridesTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/RawDBReaderTest.java
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/SysDiagVTIMappingTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/TriggerGeneralTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/VetJigsawTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/XMLXXETest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/_Suite.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/CacheManagerMBeanTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/Derby5937SlaveShutdownTest.java
M
[jira] [Comment Edited] (DERBY-7138) Remove references to the Java Security Manager
[
https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17521332#comment-17521332
]
Richard N. Hillegas edited comment on DERBY-7138 at 4/12/22 8:47 PM:
-
Attaching derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff. This
patch addresses the issue raised by the previous comment. This patch changes
the way that NetworkServerControlApiTest identifies the host machine. This
patch also changes that test so that it no longer installs a SecurityManager.
With this patch, the Derby tests pass cleanly with both the classpath and the
modulepath.
Touches the following files:
{noformat}
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java
Disables the SecurityManager in this test. Creates NetworkServerControl objects
with the loopback host InetAddress.getByName("localhost") rather than
the actual machine host name InetAddress.getLocalHost().
{noformat}
was (Author: rhillegas):
Attaching derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff. This
patch addresses the issue raised by the previous comment. This patch changes
the way that NetworkServerControlApiTest identifies the host machine. This
patch also changes that test so that it no longer installs a SecurityManager.
With this patch, the Derby tests pass cleanly with both the classpath and the
modulepath.
Touches the following files:
{noformat}
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java
Disables the SecurityManager in this test. Creates NetworkServerControl objects
with the loopback host InetAddress.getByName("localhost") rather than the
actual machine host name InetAddress.getLocalHost().
{noformat}
> Remove references to the Java Security Manager
> --
>
> Key: DERBY-7138
> URL: https://issues.apache.org/jira/browse/DERBY-7138
> Project: Derby
> Issue Type: Task
> Components: Build tools, Documentation
>Affects Versions: 10.16.0.0
>Reporter: Richard N. Hillegas
>Assignee: Richard N. Hillegas
>Priority: Major
> Attachments: DerbyServerTest.java, Z.java,
> derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff,
> derby-7138-02-ab-moveMethodsToTestConfiguration.diff,
> derby-7138-03-aa-removePermissionsTests.diff,
> derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff
>
>
> The Open JDK team has deprecated the Java Security Manager and indicated that
> it will be removed in a future release of Java. See
> https://openjdk.java.net/jeps/411. In an email thread titled "protecting
> security-sensitive operations on multi-tenant servers" on the
> security-...@openjdk.java.net mailing list, Alan Bateman indicated that
> developers should containerize their applications instead.
> This issue tracks work needed to remove Derby's references to the Java
> Security Manager.
> At a minimum, the following work needs to be done:
> o The tests should be adjusted so that they don't install a SecurityManager.
> o References to the SecurityManager should be removed from product code.
> o We should remove the SecurityManager section of the Derby Security Guide.
> In its place, we should recommend that developers containerize their Derby
> applications.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
