[jira] Commented: (DERBY-2206) Provide complete security model for Java routines

Mon, 22 Jan 2007 13:35:51 -0800 

    [ 
https://issues.apache.org/jira/browse/DERBY-2206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12466573
 ] 

Rick Hillegas commented on DERBY-2206:
--------------------------------------

Here's another crack at this:

1) The default behavior for Derby is the current behavior with all of its 
security holes for java routines.

2) To get secure behavior for java routines, the customer has to explicitly 
opt-in. Let's be vague about what that entails right now.

3) If you do opt-in, then you get the SQL standard behavior:

   3a) Jar ids are mandatory.
   3b) There is no SYS.ENV pseudo-jar. Instead, to access methods in the JRE 
you have to include little wrapper methods in your jar files that you loaded 
into the database.
   3c) The search order for customer-written routines is SQL standard: First we 
look in the jar file where the routine lives. Then we look in the other jar 
files in the order specified by SQLJ.ALTER_JAVA_PATH. Then we defer to the 
system class loader.
   3d) At runtime, when we invoke the routine, we make sure that it actually 
lives in the declared jar file.


> Provide complete security model for Java routines
> -------------------------------------------------
>
>                 Key: DERBY-2206
>                 URL: https://issues.apache.org/jira/browse/DERBY-2206
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Rick Hillegas
>             Fix For: 10.3.0.0
>
>
> Add GRANT/REVOKE mechanisms to control which jar files can be mined for 
> user-created objects such as Functions and Procedures. In the future this may 
> include Aggregates and Function Tables also. The issues are summarized on the 
> following wiki page: http://wiki.apache.org/db-derby/JavaRoutineSecurity. 
> Plugin management can be tracked by this JIRA rather than by DERBY-2109. This 
> is a master JIRA to which subtasks can be linked.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to