[Pljava-dev] SecurityException on pljava-1.2

Hi folks,

When I use pljava-1.0 with PostgreSQL 8.0,
my java procedures work fine.

However, when I upgrade PG to 8.1, and pljava to 1.2,
I got the security exception like below:

java.lang.SecurityException: execute on <<ALL FILES>>
at org.postgresql.pljava.internal.Backend$1.assertPermission(Backend.java:178)
at org.postgresql.pljava.internal.Backend$PLJavaSecurityManager.nonRecursiveCheck(Backend.java:113)
at org.postgresql.pljava.internal.Backend$PLJavaSecurityManager.checkPermission(Backend.java:91)
at java.lang.SecurityManager.checkExec(SecurityManager.java:774)
at java.lang.Runtime.exec(Runtime.java:563)
at java.lang.Runtime.exec(Runtime.java:428)
at java.lang.Runtime.exec(Runtime.java:364)
at org.postgresql.pljava.restore.Command.execCommand(Command.java:27)
at org.postgresql.pljava.restore.RestoreDB.execRestore(RestoreDB.java:33)

I guess this is a kind of FAQ, but I can't find any information on the net.
How can I fix this?

Regards,
--
NAGAYASU Satoshi <nagayasus at nttdata.co.jp>

Satoshi,
You are trying to execute an operating system command. Using a function
that is declared with 'language java' that will not be permitted since,
'java' in PostgreSQL terminology is a 'trusted language'. You need to
declare your function with 'language javaU' (untrusted). Some relevant
links:

http://gborg.postgresql.org/project/pljava/genpage.php?userguide#Trusted_language
http://www.postgresql.org/docs/8.1/interactive/perm-functions.html
http://www.postgresql.org/docs/8.1/interactive/sql-createlanguage.html

Regards,
Thomas Hallgren

PS.
I see that you're using packages that start with
'org.postgresql.pljava'. Are you developing something that you plan to
make part of PL/Java?

Satoshi Nagayasu wrote:
> Hi folks,
>
> When I use pljava-1.0 with PostgreSQL 8.0,
> my java procedures work fine.
>
> However, when I upgrade PG to 8.1, and pljava to 1.2,
> I got the security exception like below:
>
> java.lang.SecurityException: execute on <<ALL FILES>>
> at org.postgresql.pljava.internal.Backend$1.assertPermission(Backend.java:178)
> at org.postgresql.pljava.internal.Backend$PLJavaSecurityManager.nonRecursiveCheck(Backend.java:113)
> at org.postgresql.pljava.internal.Backend$PLJavaSecurityManager.checkPermission(Backend.java:91)
> at java.lang.SecurityManager.checkExec(SecurityManager.java:774)
> at java.lang.Runtime.exec(Runtime.java:563)
> at java.lang.Runtime.exec(Runtime.java:428)
> at java.lang.Runtime.exec(Runtime.java:364)
> at org.postgresql.pljava.restore.Command.execCommand(Command.java:27)
> at org.postgresql.pljava.restore.RestoreDB.execRestore(RestoreDB.java:33)
>
> I guess this is a kind of FAQ, but I can't find any information on the net.
> How can I fix this?
>
> Regards,
>

Thomas,

Thomas Hallgren wrote:
> You are trying to execute an operating system command. Using a function
> that is declared with 'language java' that will not be permitted since,
> 'java' in PostgreSQL terminology is a 'trusted language'. You need to
> declare your function with 'language javaU' (untrusted). Some relevant
> links:
>
> http://gborg.postgresql.org/project/pljava/genpage.php?userguide#Trusted_language

Thanks for the information. I missed the paragraph you pointed.

> I see that you're using packages that start with
> 'org.postgresql.pljava'. Are you developing something that you plan to
> make part of PL/Java?

No. I think our package should be renamed.
--
NAGAYASU Satoshi <nagayasus at nttdata.co.jp>