[jira] Created: (DERBY-4292) creation of FileInputStream in org.apache.derby.impl.tools.ij.Main not wrapped in privilege block which can cause problems running under SecurityManager

Kathey Marsden (JIRA) Thu, 25 Jun 2009 12:44:32 -0700

creation of FileInputStream in org.apache.derby.impl.tools.ij.Main not wrapped 
in privilege  block which can cause problems running under SecurityManager
---------------------------------------------------------------------------------------------------------------------------------------------------------


                 Key: DERBY-4292
                 URL: https://issues.apache.org/jira/browse/DERBY-4292
             Project: Derby
          Issue Type: Bug
          Components: Tools
    Affects Versions: 10.5.1.1, 10.4.2.0, 10.3.2.1, 10.2.2.0, 10.1.3.1, 10.6.0.0
            Reporter: Kathey Marsden


org.apache.derby.impl.tools.ij.Main has this code where the call to 
FileInputStream is not wrapped in a privilege block:

                   try {
                        in1 = new FileInputStream(file);
                        if (in1 != null) {
                            in1 = new BufferedInputStream(in1, 
utilMain.BUFFEREDFILESIZE);
                            in = langUtil.getNewInput(in1);
                        }
                    } catch (FileNotFoundException e) {
                        if (Boolean.getBoolean("ij.searchClassPath")) {
                            in = 
langUtil.getNewInput(util.getResourceAsStream(file));
                        }

This can cause issues when running under SecurityManager

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Created: (DERBY-4292) creation of FileInputStream in org.apache.derby.impl.tools.ij.Main not wrapped in privilege block which can cause problems running under SecurityManager

Reply via email to