[ https://issues.apache.org/jira/browse/DERBY-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14623467#comment-14623467 ]
Bryan Pendleton commented on DERBY-6741: ---------------------------------------- With OpenJDK 1.8.0_45 running on Fedora22, I see highly intermittent failures in NoDBInternalsPermissionTest.test_002_EmbedConnection My error is: java.security.AccessControlException: access denied org.apache.derby.security.SystemPermission( "engine", "usederbyinternals" ) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:457) at java.security.AccessController.checkPermission(AccessController.java:884) at org.apache.derby.iapi.security.SecurityUtil.checkDerbyInternalsPrivilege(SecurityUtil.java:221) at org.apache.derby.iapi.services.monitor.Monitor.getMonitorLite(Monitor.java:339) at org.apache.derby.iapi.services.property.PropertyUtil$2.run(PropertyUtil.java:719) at org.apache.derby.iapi.services.property.PropertyUtil$2.run(PropertyUtil.java:716) at java.security.AccessController.doPrivileged(Native Method) The error is quite hard to reproduce, and seems only to happen in large suite runs. Any thoughts on what might be happening? > User code can get the ContextManager from an EmbedConnection > ------------------------------------------------------------ > > Key: DERBY-6741 > URL: https://issues.apache.org/jira/browse/DERBY-6741 > Project: Derby > Issue Type: Bug > Components: JDBC, Services > Reporter: Rick Hillegas > Assignee: Rick Hillegas > Fix For: 10.12.0.0 > > Attachments: derby-6741-01-aa-usederbyinternals.diff > > > EmbedConnection.getContextManager() is a public method. Exposing internals > like the ContextManager is a security risk. -- This message was sent by Atlassian JIRA (v6.3.4#6332)