[teiid-issues] [JBoss JIRA] Moved: (TEIID-950) Add ability to control access to environment variables
Van Halbert (JIRA)
jira-events at lists.jboss.org
Tue Feb 16 09:48:10 EST 2010
[ https://jira.jboss.org/jira/browse/TEIID-950?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Van Halbert moved JBEDSP-19 to TEIID-950:
-----------------------------------------
Project: Teiid (was: JBoss Enterprise Data Services Platform)
Key: TEIID-950 (was: JBEDSP-19)
Component/s: Query Engine
(was: Server)
Fix Version/s: (was: Westport)
Affects Version/s: (was: 5.5.1)
(was: 5.5)
> Add ability to control access to environment variables
> ------------------------------------------------------
>
> Key: TEIID-950
> URL: https://jira.jboss.org/jira/browse/TEIID-950
> Project: Teiid
> Issue Type: Quality Risk
> Components: Query Engine
> Environment: Found by client on MMx 502, tested and found issue present through 551.
> Reporter: Marc Shirley
>
> SELECT ENV('os.name') || ' ' || ENV('os.version') || ' ' || ENV('java.home') returns the details of the server, which from the client perspective is a security risk. This information is even visible by a user with no access to any tables. Client is looking to have this disabled, or have the ability to disable it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the teiid-issues
mailing list