This is great! Given our emphasis on security since Derby can be
distributed all over the map, this is very important.
Did you update the test instructions to indicate how to turn off the
security manager and what sorts of errors you might see that may
motivate you to turn it off?
Thanks,
David
Daniel John Debrunner wrote:
I just committed 326736 to the trunk which changes the test harness to
install a security manager for the JVM running the client side of a test
(embedded or network, sql or java test, unit tests as well).
Here's the commit comment.
-------------------------------
DERBY-615 Change the test harness to run tests with a security manager
by default, using the same mechanism as used to install a security manager
for the separate network server process.
The security manager is not installed when any of the following are true:
noSecurityManager=true is in the <testname>_app.properties file
JCC (DB2 Universal Driver) is the JDBC client - this is a short term
restriction.
Tests where useProcess=false, e.g. nist suite - this is a short term
restriction.
Update the policy file to allow most remaining tests to run using a
security manager.
--------------------------------
If this causes too many issues then this (326736) is the fix to revert,
other changes under DERBY-615 should be ok. I have tested with jars and
non-jars, sane and insane but you never know. I'm in a training course
the next couple of days so may not be able to address any issues. If the
need to revert 326736 arises, then please go ahead and I will resolve
any of the issues before trying again.
I think at least 50% of the tests run with a security manager with this
change, I need to calculate the actual number.
To update Francois' concern about J2ME/CDC, currently the test suite
does not install a security manager for j9_foundation, this was the
existing behaviour. I've left this as-is in order to take a staged
approach, get clean runs under J2SE before moving onto J2ME/CDC. I did,
however, run J2ME/CDC with the security mananger enabled and most tests
seemed to pass. There were some failures but they may have been the same
as J2SE before I started disabling tests with noSecurityManager=true.
Dan.
begin:vcard
fn:David W Van Couvering
n:Van Couvering;David W
org:Sun Microsystems, Inc.;Database Technology Group
email;internet:[EMAIL PROTECTED]
title:Senior Staff Software Engineer
tel;work:510-550-6819
tel;cell:510-684-7281
x-mozilla-html:TRUE
version:2.1
end:vcard
