mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

>>>>The JDBC driver requires

Browse Source 
>>>>
>>>> permission java.net.SocketPermission "host:port", "connect";
>>>>
>>>>in the policy file of the application using the JDBC driver
>>>>in the postgresql.jar file.  Since the Socket() call in the
>>>>driver is not protected by AccessController.doPrivileged() this
>>>>permission must also be granted to the entire application.
>>>>
>>>>The attached diff fixes it so that the connect permission can be
>>>>restricted just the the postgresql.jar codeBase if desired.

David Daney
This commit is contained in:
Bruce Momjian 2001-08-26 01:06:20 +00:00
parent 1be615f381
commit 19a251d0ec
1 changed files with 28 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/interfaces/jdbc/org/postgresql/PG_Stream.java
View File

@ -5,12 +5,13 @@ import java.lang.*;
import java.net.*; import java.net.*;
import java.util.*; import java.util.*;
import java.sql.*; import java.sql.*;
import java.security.*;
import org.postgresql.*; import org.postgresql.*;
import org.postgresql.core.*; import org.postgresql.core.*;
import org.postgresql.util.*; import org.postgresql.util.*;
/** /**
* $Id: PG_Stream.java,v 1.11 2001/07/30 14:51:19 momjian Exp $ * $Id: PG_Stream.java,v 1.12 2001/08/26 01:06:20 momjian Exp $
* *
* This class is used by Connection & PGlobj for communicating with the * This class is used by Connection & PGlobj for communicating with the
* backend. * backend.
@ -28,6 +29,25 @@ public class PG_Stream
BytePoolDim1 bytePoolDim1 = new BytePoolDim1(); BytePoolDim1 bytePoolDim1 = new BytePoolDim1();
BytePoolDim2 bytePoolDim2 = new BytePoolDim2(); BytePoolDim2 bytePoolDim2 = new BytePoolDim2();
private static class PrivilegedSocket
implements PrivilegedExceptionAction
{
private String host;
private int port;
PrivilegedSocket(String host, int port)
{
this.host = host;
this.port = port;
}
public Object run() throws Exception
{
return new Socket(host, port);
}
}
/** /**
* Constructor: Connect to the PostgreSQL back end and return * Constructor: Connect to the PostgreSQL back end and return
* a stream connection. * a stream connection.
@ -38,7 +58,13 @@ public class PG_Stream
*/ */
public PG_Stream(String host, int port) throws IOException public PG_Stream(String host, int port) throws IOException
{ {
connection = new Socket(host, port); PrivilegedSocket ps = new PrivilegedSocket(host, port);
try {
connection = (Socket)AccessController.doPrivileged(ps);
}
catch(PrivilegedActionException pae){
throw (IOException)pae.getException();
}
// Submitted by Jason Venner <jason@idiom.com> adds a 10x speed // Submitted by Jason Venner <jason@idiom.com> adds a 10x speed
// improvement on FreeBSD machines (caused by a bug in their TCP Stack) // improvement on FreeBSD machines (caused by a bug in their TCP Stack)