Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-6635

OptimizerTracer.unloadTool() could be used to write garbage over Derby data files.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.11.1.1
    • 10.11.1.3, 10.12.1.1
    • Tools
    • None
    • Normal
    • Security

    Description

      I don't see any checks in place to prevent this method from writing its output file into the log or sego directories or even over service.properties. Fortunately, only the DBO can run this procedure by default.

      Attachments

        1. derby-6635-01-ab-noOverwrite.diff
          11 kB
          Richard N. Hillegas
        2. derby-6635-01-aa-noOverwrite.diff
          8 kB
          Richard N. Hillegas

        Activity

          People

            rhillegas Richard N. Hillegas
            rhillegas Richard N. Hillegas
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: