db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1628256 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
Date Mon, 29 Sep 2014 18:52:02 GMT
Author: rhillegas
Date: Mon Sep 29 18:52:01 2014
New Revision: 1628256

URL: http://svn.apache.org/r1628256
Log:
DERBY-6636: Prevent blackhats from creating a BaseDataFileFactory; tests passed cleanly for
me on derby-6636-01-aa-usederbyinternals.diff.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java?rev=1628256&r1=1628255&r2=1628256&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/data/BaseDataFileFactory.java
Mon Sep 29 18:52:01 2014
@@ -23,7 +23,7 @@ package org.apache.derby.impl.store.raw.
 
 
 import org.apache.derby.iapi.reference.MessageId;
-
+import org.apache.derby.iapi.security.SecurityUtil;
 import org.apache.derby.iapi.services.info.ProductVersionHolder;
 
 import org.apache.derby.database.Database;
@@ -232,6 +232,8 @@ public class BaseDataFileFactory
 
 	public BaseDataFileFactory() 
     {
+        // Verify that we have permission to execute this method.
+        SecurityUtil.checkDerbyInternalsPrivilege();
 	}
 
 	/*

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java?rev=1628256&r1=1628255&r2=1628256&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
Mon Sep 29 18:52:01 2014
@@ -34,6 +34,7 @@ import org.apache.derbyTesting.junit.Tes
 import org.apache.derby.iapi.services.context.ContextService;
 import org.apache.derby.impl.jdbc.EmbedConnection;
 import org.apache.derby.impl.services.jce.JCECipherFactoryBuilder;
+import org.apache.derby.impl.store.raw.data.BaseDataFileFactory;
 
 /**
  * <p>
@@ -158,4 +159,20 @@ public class NoDBInternalsPermissionTest
         }
         catch (AccessControlException e) { println( "Caught an AccessControlException" );
}
     }
+
+    /**
+     * <p>
+     * Verify that you need usederbyinternals permission to boot a BaseDataFileFactory.
+     * See DERBY-6636.
+     * </p>
+     */
+    public  void    test_004_BasDataFileFactory()
+        throws Exception
+    {
+        try {
+            BaseDataFileFactory bdff = new BaseDataFileFactory();
+            fail( "Should have raised an AccessControlException" );
+        }
+        catch (AccessControlException e) { println( "Caught an AccessControlException" );
}
+    }
 }



Mime
View raw message