質問
I've run into a problem trying to limit actions that the OSGi bundle can perform. According to the documents I've read, permissions for OSGi bundles should be set in OSGI-INF/permissions.perm file within bundle's JAR. However, no matter what I write in that file (and no matter if this file exists or not), bundles seem to have AllPermissions. More specifically, I start OSGi from command line with command
https://stackoverflow.com/questions/22830344
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianD:\temp\2>java -jar org.eclipse.osgi_3.3.2.R33x_v20080105.jar -console
-Djava.security.manager=org.eclipse.osgi.framework.internal.core.FrameworkSecurityManager
Then I install bundle with command
osgi> install file:/d:/temp/2/J1.jar
and start it. When I try to perform an operation that should be restricted (e.g., accessing a file, loading a library, etc.), operation always succeeds, even with empty permissions.perm file. How do I make permissions specified in permissions.perm file active?
解決
The permissions.perm does not specify what the bundle may do. It specifies what the bundle wants to do: See http://www.javacodegeeks.com/2012/11/permissions-in-osgi.html
So this file seems to be there to be able to fail fast if permissions are missing. You can even leave it out if this is not necessary for you.
The real security settings have to be done on the framework. See this for felix: https://felix.apache.org/documentation/subprojects/apache-felix-framework-security.html
他のヒント
Managed to get the thing working - checked in my code if the SecurityManager was available or not. It seemed that on old version of OSGi JAR I've used security manager was not working. I've tried org.eclipse.osgi_3.7.2.v20120110-1415.jar instead, and permissions set for bundle in OSGI-INF/permissions.perm file work fine.
