[
https://issues.apache.org/jira/browse/FELIX-5275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15362332#comment-15362332
]
Karl Pauls commented on FELIX-5275:
-----------------------------------
Just for completeness sake:
1) felix should honor the OSGI-INF/permissions.perm file assuming it is run
with security enabled and the framework.security provider being installed
(otherwise, its a bug).
2) This has nothing todo whatsoever with Felix honoring the java security
policy file (and for that reason using the 4 arg constructor). Yes, we do that
as a (arguably framework specific - because it not spec'ed) feature but it is
perfectly fine from a spec point of view (at least from my POV). The thing is
that one might want to run felix with security enabled but _without_
framework.security installed. We allow that and enable the user to use a normal
java security policy to assign permissions to bundles in that case but that has
no impact in this case.
> Felix & Equinox handling of OSGI-INF/permissions.perm differs
> -------------------------------------------------------------
>
> Key: FELIX-5275
> URL: https://issues.apache.org/jira/browse/FELIX-5275
> Project: Felix
> Issue Type: Bug
> Components: Configuration Admin, Framework Security
> Affects Versions: configadmin-1.8.8
> Environment: Felix config-admin 1.8.8 running on Equinox with
> SecurityManager
> Reporter: Derek Baum
>
> Using Felix config-admin 1.8.8 in Equinox, with a SecurityManager active,
> causes the ManagedService.updated() method to get AccessControlExceptions
> when, for example, accessing System properties.
> This is caused by:
> #1 OSGI-INF/permissions.perm added to config-admin in FELIX-4039
> #2 Different handling of OSGI-INF/permissions.perm between Felix and Equinox.
> I have previously raised this problem against Equinox (see External Issue
> URL), and this is the gist of their analysis:
> ---------------------------
> The felix CM implementation is scoping their own permissions down to a strict
> subset of permissions and Equinox is correctly enforcing that subset of
> permissions.
> So your bundle tries to read a system property, but the CM impl is not
> authorized to read that property.
> One complication may be that Felix is allowing its bundle protection domains
> to be configured with the java policy file (because their ProtectionDomains
> are constructed with that 4 arg constructor).
> This would seem to break the specified behavior though, because clearly the
> CM implementation should never be allowed to have permission to do things
> outside of what is specified by the permissions.perm file or that are
> "implied" permissions auto-granted by the framework for each bundle.
> -----------------------
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
