[tomee-tck] 01/02: Refine permissions a bit more

Mon, 26 Apr 2021 10:31:40 -0700 

This is an automated email from the ASF dual-hosted git repository.

jlmonteiro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee-tck.git

commit aa5653258801b546d5ba7b4af2913aac3bd891aa
Author: Jean-Louis Monteiro <[email protected]>
AuthorDate: Mon Apr 26 16:21:33 2021 +0200

    Refine permissions a bit more
    
    Signed-off-by: Jean-Louis Monteiro <[email protected]>
---
 src/test/tomee-plume/conf/catalina.policy | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/test/tomee-plume/conf/catalina.policy 
b/src/test/tomee-plume/conf/catalina.policy
index 565dcf2..4413ba4 100644
--- a/src/test/tomee-plume/conf/catalina.policy
+++ b/src/test/tomee-plume/conf/catalina.policy
@@ -171,14 +171,16 @@ grant {
     permission java.util.PropertyPermission "openejb.*", "read";
     permission java.util.PropertyPermission "user.name", "read";
     permission java.util.PropertyPermission "java.io.tmpdir", "read";
+    permission java.io.FilePermission "${catalina.base}/lib/-", "read"; // 
java ee api class, slf4j, owb, etc
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.catalina.loader"; // tomee
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.catalina.core"; // tomee
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.catalina.realm"; // tomee
-    permission java.io.FilePermission "${catalina.base}/lib/-", "read"; // 
java ee api class, slf4j, owb, etc
+    permission java.lang.RuntimePermission "setContextClassLoader"; // tomee
     permission java.lang.RuntimePermission "accessDeclaredMembers"; // owb
     permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; // 
owb
     permission java.net.SocketPermission "localhost", "connect,resolve"; // 
jndi
     permission java.net.SocketPermission "127.0.0.1", "connect,resolve"; // 
jndi
+    permission javax.security.auth.AuthPermission "doAsPrivileged"; // tomee 
security
     permission javax.security.auth.AuthPermission "modifyPrincipals"; // tomee 
security
     permission javax.security.auth.AuthPermission "modifyPrivateCredentials"; 
// tomee security

Reply via email to