| Bug #2262 | Connector/J Security Bug | ||
|---|---|---|---|
| Submitted: | 2 Jan 2004 16:03 | Modified: | 3 Jan 2004 8:50 |
| Reporter: | [ name withheld ] | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | Connector / J | Severity: | S2 (Serious) |
| Version: | 3.0.9 | OS: | Any (any) |
| Assigned to: | CPU Architecture: | Any | |
[3 Jan 2004 8:50]
Mark Matthews
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.
If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information
about accessing the source trees is available at
http://www.mysql.com/doc/en/Installing_source_tree.html
[3 Jan 2004 8:50]
Mark Matthews
This was fixed earlier this month. Please try a nightly snapshot build from http://downloads.mysql.com/snapshots.php
Description: Connector/J 3.0.9 will not allow an applet to access a database that exists on the same server from which it was served. The following Exception is thrown: java.sql.SQLException: Unable to connect to any hosts due to exception: java.security.AccessControlException: access denied (java.util.PropertyPermission file.encoding read) Connector/J version 3.0.7 does not generate this exception. How to repeat: Example Applet code: Class.forName("com.mysql.jdbc.Driver").newInstance(); String databaseURL="jdbc:mysql://"+getCodeBase().getHost()+"/somedatabase"); Connection connection = DriverManager.getConnection( url+"?user="+user+"&password="+password); This code will work with applets using Connector/J 3.0.7 but not with version 3.0.9