[ http://issues.apache.org/jira/browse/FELIX-21?page=all ]
Karl Pauls resolved FELIX-21.
-----------------------------
Resolution: Fixed
As of revision 434393 protection domains are used instead of the old code
source approach.
The next steps will be to implement PermissionAdmin and ConfigurationAdmin.
Currently,
permissions are determined from the existing Java Policy on refresh (i.e., are
static). Dynamic
permission will need to switch from pure ProtectionDomain objects to some
BundleProtectionDomain
subclass. See FELIX-22 for some related changes in regard to digitally signed
bundles.
I'm resolving this issue and follow-up on the other security related issues as
appropriated.
> Re-implement Java permission security mechanism to use ProtectionDomains
> ------------------------------------------------------------------------
>
> Key: FELIX-21
> URL: http://issues.apache.org/jira/browse/FELIX-21
> Project: Felix
> Issue Type: Improvement
> Components: Specification compliance, Framework
> Reporter: Richard S. Hall
> Assigned To: Karl Pauls
>
> Currently, Felix security has not been ported forward from old code, although
> much of it remains in place, but it is commented out. There have been some
> changes with respect to the R4 spec that need to be addressed, but it
> probably also makes sense to change the previous approach of code sources to
> protection domains. I believe this approach will improve our ability to deal
> with assigning default permissions as well as supporting dynamic permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
