[jira] Commented: (DERBY-3462) Require new permissions in o.a.d.security.SystemPermission to allow control to Derby's JMX management and to ensure information is not leaked through JMX

John H. Embretsen (JIRA) Fri, 14 Mar 2008 07:44:00 -0700

    [ 
https://issues.apache.org/jira/browse/DERBY-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12578772#action_12578772
 ]


John H. Embretsen commented on DERBY-3462:
------------------------------------------

Let me rephrase the first question, I hope this is more clear:
If JMX authentication is enabled, and the custom policy file includes 
permissions for a specific user to perform a set of JMX actions, then are the 
above mentioned permissions still needed for derby.jar, or are they not?
I guess I could find out by experimenting and reading code, but I thought I 
might just as well ask.

The last part I guess was part of an attempt to understand the relationship 
between the new system permissions and MBeanPermission. Again, I think 
experimenting and studying code would help me do this, but some more examples 
on the wiki or in the javadocs probably woldn't hurt either.

By the way, if you have any thoughts on what kind of documentation (DITA) 
should/could be included in 10.4 for the JMX work, please add a comment to 
DERBY-3540. I guess doc efforts would depend on whether or not this security 
work is going to be part of 10.4, and when it will stabilize.

> Require new permissions in o.a.d.security.SystemPermission to allow control 
> to Derby's JMX management and to ensure information is not leaked through JMX
> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3462
>                 URL: https://issues.apache.org/jira/browse/DERBY-3462
>             Project: Derby
>          Issue Type: Sub-task
>          Components: JMX, Security
>            Reporter: Daniel John Debrunner
>            Priority: Minor
>
> Plan is to implement proposal defined in:
> http://wiki.apache.org/db-derby/JMXSecurityExpectations#head-de15a7e9d474784775933965fe963b6ac46e7ad0
> E.g.
> jmxControl for the ability to call the operations on ManagementMBean.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (DERBY-3462) Require new permissions in o.a.d.security.SystemPermission to allow control to Derby's JMX management and to ensure information is not leaked through JMX

Reply via email to