Hi Dennis,
Clarification see inline:
Peter Firmstone wrote:
You place a file called permissions.perm inside a top level directory
in the bundle.
OSGI-INF/permissions.perm
The syntax is that used for java policy files.
The above statement is incorrect, my apologies, it should have read "is
similar to that" , sorry a bit tired, it's actually a simpler more
restricted syntax than the policy files, although it will be instantly
recognisable to anyone used to writing policy files, permissions.perm is
a UTF-8 encoded text file, lines beginning with # or // are comments, it
doesn't have grants etc. It has only one permission per line.
Here's an example of OSGI-INF/permissions.perm :
# Quick and dirty example list of required permissions for some bundle
( java.util.PropertyPermission "jsk.home" "read" )
( java.util.PropertyPermission "jsk.port" "read, write" )
( java.io.FilePermission "<<ALL FILES>>" "read" )
//eof
Without OSGi Bundles, the identical permission's might appear like this
in some Policy file's syntax :
// The same permissions in a policy file
grant codeBase "some codebase path" {
permission java.util.PropertyPermission "jsk.home", "read";
permission java.util.PropertyPermission "jsk.port", "read, write";
permission java.io.FilePermission "<<ALL FILES>>", "read";
};
//eof
http://www.osgi.org/javadoc/r4v42/org/osgi/service/permissionadmin/PermissionInfo.html
The format is the same as the encoded format of PermissionInfo for
that permission.
The framework limits the permissions to this set, less permissions may
be granted of course, dependant on the bundle signer.
Cheers,
Peter.
Dennis Reedy wrote:
On Feb 14, 2010, at 524PM, Peter Firmstone wrote:
I guess it could be designed in by noting what permissions are
required in the source code. It is possible that the tool might miss
a permission based on the execution path. That's one thing I like
about OSGi bundles, the author of the bundle specifies the
permissions required to execute the code in the bundle.
I guess I could research this, but its easier to ask :)
Can you give me example(s) of what bundle declared permissions look
like?
Thanks
Dennis
