You should ask questions about configuring Equinox in the Equinox forums: http://www.eclipse.org/forums/index.php/f/31/
What you want to do is beyond the scope of BundleSignerCondition, but I do think there is an Equinox-specific option that can do what you want.

--
BJ Hargrave
Senior Technical Staff Member, IBM
OSGi Fellow and CTO of the OSGi Alliance
[email protected]
office: +1 386 848 1781
mobile: +1 386 848 3788

From: "Tobias Wagner" <[email protected]>
To: <[email protected]>
Date: 2012/02/01 04:46
Subject: [osgi-dev] Policy based signature checking on bundles
Sent by: [email protected]

Hi,

We ran into problems using signed bundles with Equinox using the org.osgi.service.condpermadmin.BundleSignerCondition. We found that bundles with corrupted resources were started without SecurityException or something similar.

When is the BundleSignerCondition evaluated to false?

Our observation was that
* unsigned bundles
* signed bundles with other signer-DN than the one given in the policy
* signed bundles with tampered SF file
* signed bundles with tampered MF file
are not started by Equinox, due to lack of permission.

This is fine so far, but bundles containing tampered class files were installed and started. For the same bundle, the jarsigner tool coming with the JDK identified the tampered class file within the bundle and threw a SecurityException reporting a SHA1-digest error for that certain class file.

Our configuration:
The Equinox framework is started by a launcher class. After starting the framework, the first bundle started is a bundle to update the security policy. It gets the org.osgi.service.condpermadmin.ConditionalPermissionAdmin from the bundle context and uses its ConditionalPermissionUpdate to commit the update.
The policy in force is this one:

    ALLOW {
        [ org.osgi.service.condpermadmin.BundleLocationCondition "system:de.company.project.policy/" ]
        (java.security.AllPermission "*" "*")
    } "Management Agent Policy"

    ALLOW {
        [ org.osgi.service.condpermadmin.BundleSignerCondition "CN=project,O=company,C=de" ]
        (java.security.AllPermission "*" "*")
    } "Bundles Signed by company get AllPermission"

The Java VM is started with the following properties:

    -Djava.security.manager
    -Djava.security.policy=all.policy
    -Dorg.osgi.framework.trust.repositories=certificates.ks
    -Dorg.osgi.framework.security="osgi"

where certificates.ks is a Java keystore file containing the certificate for signature checking and all.policy is a Java policy file providing full permissions:

    grant { permission java.security.AllPermission; };

The JRE is jdk1.6.0_30.

Is there a chance to change the configuration to get more restrictive signature checking?

Thank you
Tobias

_______________________________________________
OSGi Developer Mail List
[email protected]
https://mail.osgi.org/mailman/listinfo/osgi-dev
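
Added example, not part of the original thread and not Equinox code: the per-entry digest check that jarsigner performed in the report above can be run before a bundle is installed, using java.util.jar.JarFile in verifying mode. The class name BundleContentCheck and the method findBadEntries are hypothetical; the check covers content digests and the presence of a signer only, not the signer DN or trust chain, which stay with the policy.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.CodeSigner;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

/** Hypothetical pre-install check (added example): verify every entry of a signed bundle. */
public class BundleContentCheck {
    /** Returns the entries that fail digest verification or carry no signer. */
    static List<String> findBadEntries(File bundle) throws IOException {
        List<String> bad = new ArrayList<String>();
        byte[] buf = new byte[8192];
        // verify=true enables checking; a digest is only compared once its entry is read to EOF
        JarFile jar = new JarFile(bundle, true);
        try {
            for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements();) {
                JarEntry entry = e.nextElement();
                // Simplification: skips everything under META-INF/ (manifest, .SF, .RSA/.DSA live there)
                if (entry.isDirectory() || entry.getName().startsWith("META-INF/")) continue;
                try {
                    InputStream in = jar.getInputStream(entry);
                    try {
                        while (in.read(buf) != -1) { /* drain so the digest gets checked */ }
                    } finally {
                        in.close();
                    }
                    CodeSigner[] signers = entry.getCodeSigners(); // meaningful only after a full read
                    if (signers == null || signers.length == 0) bad.add(entry.getName() + " (unsigned)");
                } catch (SecurityException ex) { // e.g. a digest error for a tampered class file
                    bad.add(entry.getName() + " (" + ex.getMessage() + ")");
                }
            }
        } finally {
            jar.close();
        }
        return bad;
    }

    public static void main(String[] args) throws IOException {
        List<String> bad = findBadEntries(new File(args[0]));
        for (String name : bad) System.out.println("REJECT " + name);
        System.exit(bad.isEmpty() ? 0 : 1);
    }
}
```

Run it with the bundle path as the only argument; a non-zero exit status means at least one entry was tampered with or unsigned.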
