Hi there,
it seems that there is a security problem in the "Framework Security"
module of Felix.
I have full access to the bundle cache directory from each bundle.
Expectation: I should only get full access to the data storage of the
bundle itself.
Actually I was able to create files from Bundle 25 inside the data
storage of Bundle 0.
I even could delete the whole directory of Bundle 0.
I checked the same with Knopflerfish which does this check correctly.
Do I have to set more configuration parameters?
The OSGi specification defines that the framework should grant access to
the bundle's data storage.
Best regards,
Michael
