[
https://jira.jboss.org/jira/browse/TEIID-950?page=com.atlassian.jira.plug...
]
Van Halbert moved JBEDSP-19 to TEIID-950:
-----------------------------------------
Project: Teiid (was: JBoss Enterprise Data Services Platform)
Key: TEIID-950 (was: JBEDSP-19)
Component/s: Query Engine
(was: Server)
Fix Version/s: (was: Westport)
Affects Version/s: (was: 5.5.1)
(was: 5.5)
Add ability to control access to environment variables
------------------------------------------------------
Key: TEIID-950
URL:
https://jira.jboss.org/jira/browse/TEIID-950
Project: Teiid
Issue Type: Quality Risk
Components: Query Engine
Environment: Found by client on MMx 502, tested and found issue present through
551.
Reporter: Marc Shirley
SELECT ENV('os.name') || ' ' || ENV('os.version') || ' '
|| ENV('java.home') returns the details of the server, which from the client
perspective is a security risk. This information is even visible by a user with no access
to any tables. Client is looking to have this disabled, or have the ability to disable
it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira