[ http://issues.apache.org/jira/browse/DERBY-701?page=comments#action_12360550 ]
Jean T. Anderson commented on DERBY-701:
----------------------------------------

Here's a tested policy file for the example in http://db.apache.org/derby/docs/dev/adminguide/tadminnetservrun.html .

(1) nsrv.policy file:

//Recommended set of permissions to start and use the Network Server,
//assuming the 'd:/derby/lib' directory has been secured.
//Fine tune based on your environment settings
grant codeBase "file:d:/derby/lib/-" {
  permission java.io.FilePermission "${derby.system.home}", "read";
  permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
  permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";
  permission java.util.PropertyPermission "derby.*", "read";
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.net.SocketPermission "localhost", "accept";
};

//Required set of permissions to stop the Network Server, assuming you have
// secured the 'd:/derby/lib' directory
//Remember to fine tune this as per your environment.
grant codeBase "file:d:/derby/lib/-" {
  //Following is required when server is started with "-h localhost"
  //or without the -h option
  permission java.net.SocketPermission "localhost", "accept, connect,resolve";
  permission java.net.SocketPermission "127.0.0.1", "accept, connect,resolve";
  //The following is only required if the server is started with the -h <host>
  //option (else shutdown access will be denied).
  permission java.net.SocketPermission "localhost:*", "accept, connect,resolve";
};

(2) Start the network server using this policy file:

java -Djava.security.manager -Djava.security.policy=d:/nsrv.policy org.apache.derby.drda.NetworkServerControl start

(3) Here's a simple example that shows how the policy restricts where users can create a new database.

The user can create a database in the default derby system home:

ij> connect 'jdbc:derby://localhost:1527/MyDbTest;create=true';

The user is prevented from creating a database in another location:

ij> connect 'jdbc:derby://localhost:1527//BadTst;create=true';
ERROR XJ040: DERBY SQL error: SQLCODE: -1, SQLSTATE: XJ040, SQLERRMC: Failed to start database '/BadTst', see the next exception for details.::SQLSTATE: XJ001Java exception: 'access denied (java.io.FilePermission C:\BadTst\service.properties read): java.security.AccessControlException'.

> Java 2 security policy file examples don't work -- are missing a needed line
> ----------------------------------------------------------------------------
>
>          Key: DERBY-701
>          URL: http://issues.apache.org/jira/browse/DERBY-701
>      Project: Derby
>         Type: Bug
>   Components: Documentation
>     Versions: 10.1.1.1
>     Reporter: Jean T. Anderson
>     Priority: Minor
>
> These security policy file examples don't work as is:
> http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871406.html
> http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871422.html
> http://db.apache.org/derby/docs/dev/devguide/rdevcsecure871439.html
> Each example needs this additional line:
>   permission java.io.FilePermission "${derby.system.home}","read";
> The email thread is here:
> http://mail-archives.apache.org/mod_mbox/db-derby-user/200511.mbox/[EMAIL PROTECTED]
> To show one of the examples, here is the current text for Example 1:
> grant codeBase "file://f:/derby/lib/derby.jar" {
>   permission java.lang.RuntimePermission "createClassLoader";
>   permission java.util.PropertyPermission "derby.*", "read";
>   permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete";
> };
> It needs to be this instead:
> grant codeBase "file://f:/derby/lib/derby.jar" {
>   permission java.lang.RuntimePermission "createClassLoader";
>   permission java.util.PropertyPermission "derby.*", "read";
>   permission java.io.FilePermission "${derby.system.home}","read";
>   permission java.io.FilePermission "${derby.system.home}${/}-","read,write,delete";
> };
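
Added example, not part of the JIRA comment or the Derby documentation: a small Java program that evaluates the two FilePermission grants from Example 1 with java.io.FilePermission.implies(), showing that the recursive "-" pattern covers everything below the directory but not the directory itself, which is why the extra "read" line is needed. The /derby/home path and the database names are constructed stand-ins for ${derby.system.home} and the databases in the comment.

```java
import java.io.File;
import java.io.FilePermission;
import java.security.Permissions;

public class DerbyPolicyCheck {
    public static void main(String[] args) {
        String sep = File.separator;
        // Constructed stand-in for ${derby.system.home} (assumption, not from the page).
        String home = sep + "derby" + sep + "home";

        // Example 1 as originally documented: only the recursive grant.
        Permissions before = new Permissions();
        before.add(new FilePermission(home + sep + "-", "read,write,delete"));

        // Example 1 with the additional line from DERBY-701.
        Permissions after = new Permissions();
        after.add(new FilePermission(home, "read"));
        after.add(new FilePermission(home + sep + "-", "read,write,delete"));

        // Access checks of the kind the engine triggers (constructed sample requests).
        FilePermission[] requests = {
            // Reading the system home directory itself.
            new FilePermission(home, "read"),
            // Writing to the system home directory entry itself (only "read" is granted).
            new FilePermission(home, "write"),
            // A database created under the system home.
            new FilePermission(home + sep + "MyDbTest" + sep + "service.properties",
                               "read,write"),
            // A database outside the system home, as in the BadTst case.
            new FilePermission(sep + "BadTst" + sep + "service.properties", "read"),
        };

        System.out.printf("%-45s %-8s %-8s %-8s%n", "path", "actions", "before", "after");
        for (FilePermission req : requests) {
            System.out.printf("%-45s %-8s %-8s %-8s%n",
                    req.getName(),
                    req.getActions().length() > 8 ? "r,w" : req.getActions(),
                    before.implies(req) ? "allow" : "deny",
                    after.implies(req) ? "allow" : "deny");
        }
    }
}
```

The program only constructs and compares permission objects, so it runs without a security manager installed and touches no files.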
