felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Pauls (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-5275) Felix & Equinox handling of OSGI-INF/permissions.perm differs
Date Tue, 05 Jul 2016 10:24:10 GMT

    [ https://issues.apache.org/jira/browse/FELIX-5275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15362332#comment-15362332

Karl Pauls commented on FELIX-5275:

Just for completeness sake: 

1) felix should honor the OSGI-INF/permissions.perm file assuming it is run with security
enabled and the framework.security provider being installed (otherwise, its a bug).
2) This has nothing todo whatsoever with Felix honoring the java security policy file (and
for that reason using the 4 arg constructor). Yes, we do that as a (arguably framework specific
- because it not spec'ed) feature but it is perfectly fine from a spec point of view (at least
from my POV). The thing is that one might want to run felix with security enabled but _without_
framework.security installed. We allow that and enable the user to use a normal java security
policy to assign permissions to bundles in that case but that has no impact in this case.

> Felix & Equinox handling of OSGI-INF/permissions.perm differs
> -------------------------------------------------------------
>                 Key: FELIX-5275
>                 URL: https://issues.apache.org/jira/browse/FELIX-5275
>             Project: Felix
>          Issue Type: Bug
>          Components: Configuration Admin, Framework Security
>    Affects Versions: configadmin-1.8.8
>         Environment: Felix config-admin 1.8.8 running on Equinox with SecurityManager
>            Reporter: Derek Baum
> Using Felix config-admin 1.8.8 in Equinox, with a SecurityManager active, causes the
ManagedService.updated() method to get AccessControlExceptions when, for example, accessing
System properties.
> This is caused by:
> #1 OSGI-INF/permissions.perm added to config-admin in FELIX-4039
> #2 Different handling of OSGI-INF/permissions.perm between Felix and Equinox.
> I have previously raised this problem against Equinox (see External Issue URL), and this
is the gist of their analysis:
> ---------------------------
> The felix CM implementation is scoping their own permissions down to a strict subset
of permissions and Equinox is correctly enforcing that subset of permissions.
> So your bundle tries to read a system property, but the CM impl is not authorized to
read that property.
> One complication may be that Felix is allowing its bundle protection domains to be configured
with the java policy file (because their ProtectionDomains are constructed with that 4 arg
> This would seem to break the specified behavior though, because clearly the CM implementation
should never be allowed to have permission to do things outside of what is specified by the
permissions.perm file or that are "implied" permissions auto-granted by the framework for
each bundle.
> -----------------------

This message was sent by Atlassian JIRA

View raw message