Based on Dans suggestions to fix an issue with my patch for DERBY-3445,
I read up a bit more on policy files and discovered a feature that can
be used to make parts of the policy file optional. Since I didn't know
about this feature myself, I thought I'd share it with the community, as
I think it could be useful if you are trying to figure out how to get a
test to run with the security manager.
I found the following details on property expansion in policy files
here:
http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html#PropertyExp
---
Also note: If a property can't be expanded in a grant entry, permission
entry, or keystore entry, that entry is ignored. For example, if the
system property "foo" is not defined and you have:
grant codeBase "${foo}" {
permission ...;
permission ...;
};
then all the permissions in this grant entry are ignored. If you have
grant {
permission Foo "${foo}";
permission Bar;
};
then only the "permission Foo..." entry is ignored. And finally, if you
have
keystore "${foo}";
then the keystore entry is ignored.
---
So, if you have some permission you want to be used only in special
circumstances, it can be controlled for instance by using a property
that is either not set (disabled) or set to an empty string (enabled).
Adding this property to some part of the permissions you want to be
optional means that these permissions are enabled when the property is
set and ignored if the property is not set. Since the property is just
set to an empty string, the permission itself is not affected in any way
by the property.
Vemund
Daniel John Debrunner (JIRA) wrote:
[ https://issues.apache.org/jira/browse/DERBY-3445?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12572140#action_12572140 ]
Daniel John Debrunner commented on DERBY-3445:
----------------------------------------------
It's a concern that permissions are always granted to derby.jar, even though
they are only needed if performing code coverage with EMMA.
This creates an opportunity where Derby code could unknowingly start to depend
on those permissions.
These permissions are as follows, are they needed for all code in the stack, or
just a subset?
+ // These permissions are needed when testing code instrumented with EMMA.
+ permission java.util.PropertyPermission "user.dir", "read";
+ permission java.io.FilePermission "${user.dir}${/}coverage.ec", "read";
+ permission java.lang.RuntimePermission "writeFileDescriptor";
A work-around may be to add separate sections in the policy file, e.g. if these
permissions are only needed for a subset of jars then:
grant codebase "${emmaActive}/derby.jar" {
permission java.util.PropertyPermission "user.dir", "read";
permission java.io.FilePermission "${user.dir}${/}coverage.ec", "read";
permission java.lang.RuntimePermission "writeFileDescriptor";
};
then emmaActive is only set when running code coverage with EMMA. It possible a
similar trick could be done if they are needed for all code,
something that resolves to:
grant {
permission java.util.PropertyPermission "user.dir", "read";
permission java.io.FilePermission "${user.dir}${/}coverage.ec", "read";
permission java.lang.RuntimePermission "writeFileDescriptor";
};
if and only if some emma property is set
