felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Pauls <karlpa...@gmail.com>
Subject Re: Permissions and 3rd party bundles
Date Sun, 04 Nov 2012 19:33:27 GMT
Well, depends on the answer you want to hear :-)

In general, you need to give each bundle the permissions it needs. In osgi,
this also applies to all bundles on the call stack (unless you shortcut
it). So yeah, at the basic level this is what you'll end-up doing.

However, typically, you find some way to group things together so that you
can give different sets of permissions to different sets of bundles. There
are various ways to do this, maybe the two most common one are: by location
(you can give wildcards in the bundlelocationcondition path) or by signer
(you can digitally sign bundles and use the cn of the certificate in a
bundlesignercondition). Dependening on your use case, you might also want
to look into custom conditions.

Ultimately, if you are serious about using security, you might want to read
a bit more about it. The OSGi core specification has some chapters on it in
terms of the digital signing of bundles as well as the conditional
permission admin. Furthermore, there are some slides around from a tutorial
I did together with Marcel a long time ago (i.e., they are reasonable
outdated but still might give you some ideas):

http://felix.apache.org/site/presentations.data/Building%20Secure%20OSGi%20Applications%20Workshop.pdf

Last but not least, you might want to consider to read the chapter on
security in "OSGi in Action". It covers what you need and comes with
example code.

regards,

Karl

p.s.: I'm always interested when people do use security so feel more than
welcome to ask questions :-)


On Sun, Nov 4, 2012 at 5:07 PM, bokie <jms.cercas@gmail.com> wrote:

> Hi,
>
> I have the following setup to provide logging:
>  - slf4j.api-1.7.2.jar
>  - ch.qos.logback.core-1.0.7.jar
>  - ch.qos.logback.classic-1.0.7.jar
>  - my.logservice.impl.jar => implements org.osgi.service.log.LogService and
> delegates to slf4j
>
> I have also enabled security:
>  - org.apache.felix.framework.security-2.0.1.jar
>  - my.platformsecurity.impl.jar => using ConditionalPermissionAdmin
>
> The only way I get this setup to work is to give the four logging bundles
> the same permissions which seems a little verbose:
> allow {
>   [org.osgi.service.condpermadmin.BundleLocationCondition
> "bundles/dropins/ch.qos.logback.core-1.0.7.jar"]
>   (org.osgi.framework.PackagePermission "ch.qos.logback.core" "exportonly")
>   (org.osgi.framework.PackagePermission "ch.qos.logback.core.*"
> "exportonly")
>   (org.osgi.framework.PackagePermission "org.xml.sax" "import")
>   (org.osgi.framework.PackagePermission "org.xml.sax.helpers" "import")
>   (org.osgi.framework.PackagePermission "javax.xml.parsers" "import")
>   (java.lang.RuntimePermission "getClassLoader" "")
>   (java.util.PropertyPermission "*" "read")
>   (java.io.FilePermission "config/-" "read")
>   (java.io.FilePermission "logs" "read")
>   (java.io.FilePermission "logs/-" "read,write,delete")
> } "ch.qos.logback.core"
>
> allow {
>   [org.osgi.service.condpermadmin.BundleLocationCondition
> "bundles/dropins/ch.qos.logback.classic-1.0.7.jar"]
>   (org.osgi.framework.PackagePermission "org.slf4j.impl" "exportonly")
>   (org.osgi.framework.PackagePermission "org.slf4j" "import")
>   (org.osgi.framework.PackagePermission "org.slf4j.*" "import")
>   (org.osgi.framework.PackagePermission "ch.qos.logback.core" "import")
>   (org.osgi.framework.PackagePermission "ch.qos.logback.core.*" "import")
>   (org.osgi.framework.PackagePermission "javax.naming" "import")
>   (org.osgi.framework.PackagePermission "org.xml.sax" "import")
>   (java.lang.RuntimePermission "getClassLoader" "")
>   (java.util.PropertyPermission "*" "read")
>   (java.io.FilePermission "config/-" "read")
>   (java.io.FilePermission "logs" "read")
>   (java.io.FilePermission "logs/-" "read,write,delete")
> } "ch.qos.logback.classic"
>
> allow {
>   [org.osgi.service.condpermadmin.BundleLocationCondition
> "bundles/dropins/slf4j.api-1.7.2.jar"]
>   (org.osgi.framework.PackagePermission "org.slf4j" "exportonly")
>   (org.osgi.framework.PackagePermission "org.slf4j.helpers" "exportonly")
>   (org.osgi.framework.PackagePermission "org.slf4j.spi" "exportonly")
>   (org.osgi.framework.PackagePermission "org.slf4j.impl" "import")
>   (java.lang.RuntimePermission "getClassLoader" "")
>   (java.util.PropertyPermission "*" "read")
>   (java.io.FilePermission "config/-" "read")
>   (java.io.FilePermission "logs" "read")
>   (java.io.FilePermission "logs/-" "read,write,delete")
>   (java.security.AllPermission)
> } "slf4j.api"
>
> allow {
>   [org.osgi.service.condpermadmin.BundleLocationCondition
> "bundles/dropins/my.logservice.impl.jar"]
>   (org.osgi.framework.PackagePermission "org.osgi.framework" "import")
>   (org.osgi.framework.PackagePermission "org.osgi.service.log" "import")
>   (org.osgi.framework.PackagePermission "org.slf4j" "import")
>   (org.osgi.framework.ServicePermission "org.osgi.service.log.LogService"
> "register")
>   (java.lang.RuntimePermission "getClassLoader" "")
>   (java.util.PropertyPermission "*" "read")
>   (java.io.FilePermission "config/-" "read")
>   (java.io.FilePermission "logs" "read")
>   (java.io.FilePermission "logs/-" "read,write,delete")
> } "my.logservice.impl"
>
> Is this "proliferation" of permissions generally required - is this
> "normal"
> ?
>
> Thanks,
> Bokie
>
>
>
>
>
>
>
>
>
>
> --
> View this message in context:
> http://apache-felix.18485.n6.nabble.com/Permissions-and-3rd-party-bundles-tp5000253.html
> Sent from the Apache Felix - Users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>


-- 
Karl Pauls
karlpauls@gmail.com
http://twitter.com/karlpauls
http://www.linkedin.com/in/karlpauls
https://profiles.google.com/karlpauls

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message