I have created jira issue FELIX-5162
<https://issues.apache.org/jira/browse/FELIX-5162> . (Please note I cannot
set assignee). I have set priority to "minor" as there is a work around (run
on java7).
I am not sure I understand what you mean by "_grant_ SocketPermission in
java8". The security.policy file needs to have at least the following one
entry at the end;
> ...
> ALLOW {
> ( java.security.AllPermission "*" "*")
> } "Give all permissions to all bundles"
If I remove that one permission (and I use p1-policy bundle) nothing works.
If I change the DENY rule to ALLOW and I leave MyCheck the same (returns
true) the connection is allowed. If I change MyCheck to return "false" it
still connects to remote server. My understanding is that the next rule
(give all permission to all bundles) is checked and this returns a true for
all permissions.
Attached is another not-OSGi example I made. This one has a "get.jar" which
does the same thing as "p1-evil" bundle (i.e. - connect to a remote site). I
have placed the following "all.policy" file:
> grant { permission java.net.SocketPermission "*", "connect,resolve"; };
I run it as follows using the command "java -Djava.security.manager
-Djava.security.policy=all.policy -jar get.jar". This works the same on
Java1.7 and Java1.8.
get.zip <http://apache-felix.18485.x6.nabble.com/file/n5016178/get.zip>
--
View this message in context:
http://apache-felix.18485.x6.nabble.com/Security-Conditions-not-working-on-Java-1-8-tp5016167p5016178.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@felix.apache.org
For additional commands, e-mail: users-h...@felix.apache.org
