Skip to content

Commit 19a251d

Browse files
bmomjianbmomjian
committed
>>>>The JDBC driver requires
>>>> >>>> permission java.net.SocketPermission "host:port", "connect"; >>>> >>>>in the policy file of the application using the JDBC driver >>>>in the postgresql.jar file. Since the Socket() call in the >>>>driver is not protected by AccessController.doPrivileged() this >>>>permission must also be granted to the entire application. >>>> >>>>The attached diff fixes it so that the connect permission can be >>>>restricted just the the postgresql.jar codeBase if desired. David Daney
1 parent 1be615f commit 19a251d

File tree

1 file changed

+28
-2
lines changed

1 file changed

+28
-2
lines changed

src/interfaces/jdbc/org/postgresql/PG_Stream.java

Lines changed: 28 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,13 @@
55
import java.net.*;
66
import java.util.*;
77
import java.sql.*;
8+
import java.security.*;
89
import org.postgresql.*;
910
import org.postgresql.core.*;
1011
import org.postgresql.util.*;
1112

1213
/**
13-
* $Id: PG_Stream.java,v 1.11 2001/07/30 14:51:19 momjian Exp $
14+
* $Id: PG_Stream.java,v 1.12 2001/08/26 01:06:20 momjian Exp $
1415
*
1516
* This class is used by Connection & PGlobj for communicating with the
1617
* backend.
@@ -28,6 +29,25 @@ public class PG_Stream
2829
BytePoolDim1 bytePoolDim1 = new BytePoolDim1();
2930
BytePoolDim2 bytePoolDim2 = new BytePoolDim2();
3031

32+
private static class PrivilegedSocket
33+
implements PrivilegedExceptionAction
34+
{
35+
private String host;
36+
private int port;
37+
38+
PrivilegedSocket(String host, int port)
39+
{
40+
this.host = host;
41+
this.port = port;
42+
}
43+
44+
public Object run() throws Exception
45+
{
46+
return new Socket(host, port);
47+
}
48+
}
49+
50+
3151
/**
3252
* Constructor: Connect to the PostgreSQL back end and return
3353
* a stream connection.
@@ -38,7 +58,13 @@ public class PG_Stream
3858
*/
3959
public PG_Stream(String host, int port) throws IOException
4060
{
41-
connection = new Socket(host, port);
61+
PrivilegedSocket ps = new PrivilegedSocket(host, port);
62+
try {
63+
connection = (Socket)AccessController.doPrivileged(ps);
64+
}
65+
catch(PrivilegedActionException pae){
66+
throw (IOException)pae.getException();
67+
}
4268

4369
// Submitted by Jason Venner <jason@idiom.com> adds a 10x speed
4470
// improvement on FreeBSD machines (caused by a bug in their TCP Stack)

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy