[
https://issues.apache.org/jira/browse/DERBY-2264?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12470227
]
Dag H. Wanvik commented on DERBY-2264:
--------------------------------------
Does it really make sense to enforce this restriction unless
sqlAuthorization is turned on as well (as authentication)?
I made a trial patch for enforcing this check for shutdown and it
broke existing tests in derbyall. So it can break existing
applications without much benefit; without authorization on, full
access users are fully trusted to change any data in any case.
> Restrict shutdown, upgrade, and encryption powers to the database owner
> -----------------------------------------------------------------------
>
> Key: DERBY-2264
> URL: https://issues.apache.org/jira/browse/DERBY-2264
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Rick Hillegas
> Attachments: dbaPowers.html, dbaPowers.html
>
>
> This JIRA separates out the database-owner powers from the system privileges
> in the master security JIRA DERBY-2109. Restrict the following powers to the
> database owner for the moment: shutdown, upgrade, and encryption.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
