[jira] [Commented] (FELIX-5275) Felix & Equinox handling of OSGI-INF/permissions.perm differs

Tue, 05 Jul 2016 02:58:57 -0700 

    [ 
https://issues.apache.org/jira/browse/FELIX-5275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15362304#comment-15362304
 ] 

Karl Pauls commented on FELIX-5275:
-----------------------------------

I don't think this is a bug at all. Looks like felix, felix.security, and CM 
are doing the right thing. 

> Felix & Equinox handling of OSGI-INF/permissions.perm differs
> -------------------------------------------------------------
>
>                 Key: FELIX-5275
>                 URL: https://issues.apache.org/jira/browse/FELIX-5275
>             Project: Felix
>          Issue Type: Bug
>          Components: Configuration Admin, Framework Security
>    Affects Versions: configadmin-1.8.8
>         Environment: Felix config-admin 1.8.8 running on Equinox with 
> SecurityManager
>            Reporter: Derek Baum
>
> Using Felix config-admin 1.8.8 in Equinox, with a SecurityManager active, 
> causes the ManagedService.updated() method to get AccessControlExceptions 
> when, for example, accessing System properties.
> This is caused by:
> #1 OSGI-INF/permissions.perm added to config-admin in FELIX-4039
> #2 Different handling of OSGI-INF/permissions.perm between Felix and Equinox.
> I have previously raised this problem against Equinox (see External Issue 
> URL), and this is the gist of their analysis:
> ---------------------------
> The felix CM implementation is scoping their own permissions down to a strict 
> subset of permissions and Equinox is correctly enforcing that subset of 
> permissions.
> So your bundle tries to read a system property, but the CM impl is not 
> authorized to read that property.
> One complication may be that Felix is allowing its bundle protection domains 
> to be configured with the java policy file (because their ProtectionDomains 
> are constructed with that 4 arg constructor).
> This would seem to break the specified behavior though, because clearly the 
> CM implementation should never be allowed to have permission to do things 
> outside of what is specified by the permissions.perm file or that are 
> "implied" permissions auto-granted by the framework for each bundle.
> -----------------------



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to