Yeah, the point is that starting somewhere in java8 sandboxed apps can't
get SocketPermission anymore. In your case that bits backwards as you are
asking for a DENY. Unfortunately, that might imply that one can not grant
SocketPermission anymore either (which would be pretty shitty). Not sure
what can be done about it - if you have some time feel free to create a
jira issue with your examples and assign it to me (it would be great if you
could also test if you can still _grant_ SocketPermission in java8).
regards,
Karl
On Mon, Jan 11, 2016 at 11:31 AM, Simon <simon-pob...@outlook.com> wrote:
> Hi Karl, You are right. With another permission it works.
>
> I created another bundle "p1-evil-fs". The /Activator/ of this bundle lists
> all files in current directory. I changed the rule in "security.policy" as
> follows:
>
> /
> DENY {
> [com.p1.check.MyCheck]
> ( java.io.FilePermission "-" "read" )
> } "MyCheck"
> /
>
> (MyCheck changed to also work for the p1-evil-fs)
>
> For me this worked the same with both java7 and java8. I have attached all
> code.
> So I guess this is an issue with /SocketPermission/?
>
> felix-framework-5.zip
> <
> http://apache-felix.18485.x6.nabble.com/file/n5016171/felix-framework-5.zip
> >
> p1.zip <http://apache-felix.18485.x6.nabble.com/file/n5016171/p1.zip>
>
>
>
> --
> View this message in context:
> http://apache-felix.18485.x6.nabble.com/Security-Conditions-not-working-on-Java-1-8-tp5016167p5016171.html
> Sent from the Apache Felix - Users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@felix.apache.org
> For additional commands, e-mail: users-h...@felix.apache.org
>
>
--
Karl Pauls
karlpa...@gmail.com
http://twitter.com/karlpauls
http://www.linkedin.com/in/karlpauls
https://profiles.google.com/karlpauls
