[jira] Commented: (DERBY-2196) Run standalone network server with security manager by default

Tue, 20 Feb 2007 12:40:27 -0800 

    [ 
https://issues.apache.org/jira/browse/DERBY-2196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12474547
 ] 

Andrew McIntyre commented on DERBY-2196:
----------------------------------------

I'm agreeing with Bernt here. Also, what none of the discussions of 
client/server seem to have taken into account is the client security mechanism 
for encrypting username and password over the wire. Unless I'm mistaken, the 
default is still currently clear text and derby.drda.securityMechanism remains 
undocumented. So unless that default is changed, calling the option --unsecure 
is a little misleading when the username and password go out over the wire as 
clear text. SSL will certainly help, but not if it is not enabled by default. I 
have a vague recollection of there being discussions to change the default 
security mechanism to the strong substitute, USRSSBPWD, once that method was 
introduced, but I'm not sure where it ended up.

> Run standalone network server with security manager by default
> --------------------------------------------------------------
>
>                 Key: DERBY-2196
>                 URL: https://issues.apache.org/jira/browse/DERBY-2196
>             Project: Derby
>          Issue Type: Improvement
>          Components: Network Server, Security
>            Reporter: Daniel John Debrunner
>         Assigned To: Rick Hillegas
>         Attachments: derby-2196-01-print-01.diff, 
> derby-2196-01-print-02.diff, derby-2196-01-print-03.diff, 
> derby-2196-02-install-01.diff, derby-2196-03-tests-01.diff, 
> secureServer.html, secureServer.html, secureServer.html, secureServer.html, 
> secureServer.html, secureServer.html
>
>
> From an e-mail discussion:
> ... Derby should match the security  provided by typical client server 
> systems such as DB2, Oracle, etc. I 
> think in this case system/database owners are trusting the database 
> system to ensure that their system cannot be attacked. So maybe if Derby 
> is booted as a standalone server with no security manager involved, it 
> should install one with a default security policy. Thus allowing Derby 
> to use Java security manager to manage system privileges but not 
> requiring everyone to become familiar with them.
> http://mail-archives.apache.org/mod_mbox/db-derby-dev/200612.mbox/[EMAIL 
> PROTECTED]
> I imagine such a policy would allow any access to databases under 
> derby.system.home and/or user.home.
> By standalone I mean the network server was started though the main() method 
> (command line).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to