[
https://issues.apache.org/jira/browse/DERBY-2206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12466507
]
Daniel John Debrunner commented on DERBY-2206:
----------------------------------------------
"The only purpose of SYS.ENV is to qualify EXTERNAL NAMEs when declaring
procedures and functions. "
Does this mean that SYS.ENV would explicitly be needed as the jarid in EXTERNAL
NAME?
What about routines that are declared without a jar identifer?
SYS.ENV looks a little forced as it doesn't behave like a regular jar file, I
think due to merging the JRE and CLASSPATH classes which I think is the correct
approach.
In some cases it seems like EXECUTE permission on sqlj.install_jar would have
the same functionality in terms of security as USAGE on SYS.ENV.
I guess it will become clearer with a functional spec for DERBY-2252, the
details of how SYS.ENV would work are not clear to me.
> Provide complete security model for Java routines
> -------------------------------------------------
>
> Key: DERBY-2206
> URL: https://issues.apache.org/jira/browse/DERBY-2206
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Rick Hillegas
> Fix For: 10.3.0.0
>
>
> Add GRANT/REVOKE mechanisms to control which jar files can be mined for
> user-created objects such as Functions and Procedures. In the future this may
> include Aggregates and Function Tables also. The issues are summarized on the
> following wiki page: http://wiki.apache.org/db-derby/JavaRoutineSecurity.
> Plugin management can be tracked by this JIRA rather than by DERBY-2109. This
> is a master JIRA to which subtasks can be linked.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
