felix-users mailing list archives

From Karl Pauls <karlpa...@gmail.com>
Subject Re: Problems with ConditionalPermissionAdmin
Date Thu, 03 Apr 2014 11:48:50 GMT
In regard to 1) you could consider bundling the two together (see an
example of this here:
http://svn.apache.org/repos/asf/felix/sandbox/rickhall/ct-launcher/)

In regard to 2) you'd have to first give me a bit more details: are you
saying your bundles can not r/w any file or that they _can_ r/w files they
shouldn't? Furthermore, did you test that permission assignment based on
your OTHER certificate is working at all like this (i.e., with a simple
bundle and a simple permission)? It's sometimes not that easy to get a
correct filter for the dn...

regards,

Karl


On Thu, Apr 3, 2014 at 12:28 PM, Andrea Carlino
<andrea.carlinoa@gmail.com> wrote:

> Dear all,
> I'm designing a system based on Felix, which should allow certain operations
> only to certain bundles.
>
> I followed the basic and clear scheme from:
> https://code.google.com/p/osgi-in-action/source/browse/trunk/chapter14/#chapter14%2Fcombined-example%2Forg.foo.policy
>
> I have a "philosophical" and a technical question:
>
>    1. Philosophical: The ConditionalPermissionAdmin is operating only if
>    the custom bundle committing the ConditionalPermissionInfo is up and
>    running. If for any reason this is not correctly starting, the
>    ConditionalPermissions are not considered at all. Is this really a safe
>    way to implement security? Are there other ways to enforce this
>    mechanism?
>    (I've seen some documentation and tutorials on OSGi security
>    implementation in Felix, but everything seems partial, fragmentary and
>    not up-to-date... If you have some good resources please share them)
>    2. Technical: I have bundles signed by ME, which should be allowed to
>    write and read files everywhere within the Felix folders tree and some
>    other bundles signed by OTHERS which should be allowed only to read from
>    subfolder ./readableFolder. Every other system bundle which is not I
>    think I tried every possibility but nothing is working... I need help for
>    this... Below my security.policy file that I expected to work, according to
>    what I understood so far (reference from project linked before, modified
>    with indications from OSGi rev5. specifications and
>    http://www.knopflerfish.org/releases/3.2/docs/osgi_with_security.html#easyto
>    adapt to Windows Environment)
>
> ALLOW {
>
> [org.osgi.service.condpermadmin.BundleSignerCondition "*; O=OTHER"]
>
> ( java.io.FilePermission "file:.\\readableFolder\\\*" "read")
>
> } "Allow bundles signed by OTHER to read every file in readableFolder "
>
>
> DENY {
>
> [org.osgi.service.condpermadmin.BundleSignerCondition "*; O=OTHER"]
>
> ( java.io.FilePermission "*" "*")
>
> } "Deny bundles signed by OTHER to read and write file everywhere else"
>
>
> ALLOW {
>
>    ( java.security.AllPermission "*" "*")
>
> } "Give all other not denied permissions to all bundles"
>
>
> In the end, what is the logic? More restrictive conditions first, right?
>
>
> I've already spent a lot of time on this without success...any help or hint
> is highly appreciated (and needed :-)  )!
>
> Thanks,
> Andrea
>



-- 
Karl Pauls
karlpauls@gmail.com
http://twitter.com/karlpauls
http://www.linkedin.com/in/karlpauls
https://profiles.google.com/karlpauls
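
The DN filter check suggested in the reply can be done without installing any bundle, using `FrameworkUtil.matchDistinguishedNameChain` from the OSGi core API, which evaluates DN chain match patterns of the kind given to `BundleSignerCondition`. This is an added example, not part of the thread; the class name, the sample chains and `C=IT` are constructed for illustration.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.osgi.framework.FrameworkUtil;

// Added example: try BundleSignerCondition DN patterns against signer chains
// before putting them into security.policy. Needs an OSGi R4.3+ framework jar
// (for instance Felix) on the classpath, but no running framework.
public class DnPatternCheck {

    // Constructed chains, signer certificate first, then its issuers.
    // Substitute the DNs that `keytool -printcert -jarfile <bundle.jar>` reports.
    static Map<String, List<String>> sampleChains() {
        Map<String, List<String>> chains = new LinkedHashMap<String, List<String>>();
        chains.put("bare O=OTHER, self-signed", Arrays.asList("O=OTHER"));
        chains.put("OTHER, self-signed", Arrays.asList("CN=Other Signer, O=OTHER, C=IT"));
        chains.put("OTHER, issued by CA", Arrays.asList(
                "CN=Other Signer, O=OTHER, C=IT", "CN=Example CA, O=OTHER, C=IT"));
        chains.put("ME, issued by CA", Arrays.asList(
                "CN=Me, O=ME, C=IT", "CN=Example CA, O=ME, C=IT"));
        return chains;
    }

    // ';' separates certificates in the chain; '*' stands for one whole DN or,
    // inside a DN, for leading RDNs; '-' stands for zero or more certificates.
    static final String[] PATTERNS = {
        "*; O=OTHER",              // as posted in the policy
        "*, O=OTHER, C=IT",        // constructed alternative
        "-; *, O=OTHER, C=IT",     // constructed alternative
    };

    // Returns a printable verdict; malformed patterns or DNs are reported, not thrown.
    static String check(String pattern, List<String> chain) {
        try {
            return FrameworkUtil.matchDistinguishedNameChain(pattern, chain) ? "MATCH" : "no match";
        } catch (IllegalArgumentException e) {
            return "invalid: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        for (String pattern : PATTERNS) {
            System.out.println("pattern: " + pattern);
            for (Map.Entry<String, List<String>> e : sampleChains().entrySet()) {
                System.out.printf("  %-28s %s%n", e.getKey(), check(pattern, e.getValue()));
            }
        }
    }
}
```

If the pattern from the policy reports no match for the real OTHER signer chain, neither the first ALLOW row nor the DENY row applies to those bundles, and they are covered only by the final unconditional `AllPermission` row.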
