Create explanation-of-the-security-manager-for-the-JDBC-driver-and-th… #174
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
exaSR
reviewed
Sep 12, 2025
Comment on lines
3
to
5
| ## Problem | ||
|
|
||
| You can disable the Security Manager by setting NOSECURITY=YES in the JDBC driver configuration, as shown in the following example: |
There was a problem hiding this comment.
That is not a problem, but a solution to the problem.
exaSR
reviewed
Sep 12, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
…e-impact-of-disabling-it.md Problem => Question
exaSR
reviewed
Sep 12, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Show resolved
Hide resolved
exaSR
reviewed
Sep 12, 2025
|
|
||
| ## Recommendation | ||
|
|
||
| To ensure security, always download the Exasol JDBC driver from an official and trusted source. After downloading, verify the checksum to confirm the file’s integrity and that it hasn’t been tampered with. |
There was a problem hiding this comment.
It is less about the Exasol JDBC driver, but about JDBS drivers required by virtual schemas and the IMPORT command.
exaSR
reviewed
Sep 12, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
exaSR
reviewed
Sep 12, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
kaklakariada
approved these changes
Sep 12, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
…JDBC-driver-and-the-impact-of-disabling-it.md Co-authored-by: Christoph Pirkl <[email protected]>
…e-impact-of-disabling-it.md
allipatev
requested changes
Sep 15, 2025
...es/explanation-of-the-security-manager-for-the-JDBC-driver-and-the-impact-of-disabling-it.md
Outdated
Show resolved
Hide resolved
|
|
||
| Setting the NOSECURITY flag to YES disables Java Security Manager, allowing function calls without additional checks. | ||
|
|
||
| The Java Security Manager provides detailed control over which functions are permitted to run in your environment. However, configuring these settings can be complex and time-consuming. In the past, we tried to whitelist only the functions that JDBC drivers required. However, because the drivers frequently change and add new functions with each update, maintaining an accurate whitelist soon became impractical—especially since ExaLoader would then require a comprehensive list covering all functions for all drivers. |
There was a problem hiding this comment.
While that's true in general, for the latest occurrences JDBC connection that IMPORT tried to establish just hung until one disables Security Manager. So we had no exception stating which class / method wasn't allowed so we had no particular item to whitelist.
So it's not only time consuming (many third party drivers) and in vain (because the component is deprecated by Java platform), but also simply not always possible. This aspect might show us in even better light, so maybe you can adapt the article accordingly?
…JDBC-driver-and-the-impact-of-disabling-it.md Co-authored-by: allipatev <[email protected]>
…e-impact-of-disabling-it.md
…e-impact-of-disabling-it.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…e-impact-of-disabling-it.md
https://exasol.lightning.force.com/lightning/r/Case/500aV00000ZhIDgQAN/view