[
https://issues.apache.org/jira/browse/DERBY-2206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12466493
]
Rick Hillegas commented on DERBY-2206:
--------------------------------------
I think that making this simpler is fine. I'm happy with one pseudo-jar which
wraps everything loaded by the system, extensions, and bootstrap classloaders.
As a nit, I'd sand down the name to something shorter. Maybe SYS.ENV.
I would be comfortable with this usage:
1) SYS.ENV is never mentioned in the jar-specific classpaths set by
SQLJ.ALTER_JAVA_PATH. Instead, everything in SYS.ENV can be referenced,
implicitly, by user code.
2) The only purpose of SYS.ENV is to qualify EXTERNAL NAMEs when declaring
procedures and functions.
3) SYS.ENV starts out with USAGE granted to the database owner. Initially, only
the database owner can publish entry points in SYS.ENV.
> Provide complete security model for Java routines
> -------------------------------------------------
>
> Key: DERBY-2206
> URL: https://issues.apache.org/jira/browse/DERBY-2206
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Rick Hillegas
> Fix For: 10.3.0.0
>
>
> Add GRANT/REVOKE mechanisms to control which jar files can be mined for
> user-created objects such as Functions and Procedures. In the future this may
> include Aggregates and Function Tables also. The issues are summarized on the
> following wiki page: http://wiki.apache.org/db-derby/JavaRoutineSecurity.
> Plugin management can be tracked by this JIRA rather than by DERBY-2109. This
> is a master JIRA to which subtasks can be linked.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
