protecting security-sensitive operations on multi-tenant servers

Rick Hillegas rick.hillegas at gmail.com
Sun Mar 27 13:45:34 UTC 2022


 From the silence, I assume that there isn't any advice I can give Derby 
users. At this time the Security Manager is the only mechanism for 
protecting an application against these threats. Users should ignore the 
deprecation diagnostics and set -Djava.security.manager=allow.

On 3/24/22 2:27 PM, Rick Hillegas wrote:
> The Apache Derby community is getting ready to vet a new release which 
> can be used on Java 17. Before buttoning down the release, I wanted to 
> check in on current best practices for defending enterprise 
> applications against the threats which the Java Security Manager 
> parries. There may be some work we could do to better prepare our 
> users for a future without a Security Manager.
>
> In particular, what are current best Java practices for protecting a 
> multi-tenant server against abuse of the following security-sensitive 
> operations:
>
> o Reading and setting of system properties.
>
> o Creation of class loaders.
>
> o File access
>
> o Network access
>
> o De-registration of JDBC drivers
>
> Thanks,
> -Rick
>




More information about the security-dev mailing list