[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] Security Incubator & Extension Registry

Hi Gunnar,
So far Equinox efforts on security-related items were limited to investigation of Sword4J use (Java security permissions). It is all in the exploratory stage as we found that "brute force" approach would take too much effort in both initial implementation and maintenance.

The idea here is to have the basics figured out first, then move to higher-level items such as extension registry and OSGi services. As most items go, priority of this depends on how much interest it gets from the community.

At present there is no API to limit contributions of extensions. As always, patches are welcome; just keep in mind that this is the area likely to be explored more in future and we need to be careful about adding new APIs to it.

Oleg Besedin

Gunnar Wagenknecht <gunnar@xxxxxxxxxxxxxxx>
Sent by: equinox-dev-bounces@xxxxxxxxxxx

01/02/2007 04:12 AM

Please respond to
Equinox development mailing list <equinox-dev@xxxxxxxxxxx>

[equinox-dev] Security Incubator & Extension Registry


Is there any security related work in the Equinox incubator? From the
website it looks like there is some but it looks more like some abstract

For example, I'm looking for a way to limit certain extensions to be
contributed only by a very small subset of plug-ins. I could do it
myself when evaluating the contributed extension but I wonder if there
is some framework API in place/planning for this.

Cu, Gunnar

Gunnar Wagenknecht

equinox-dev mailing list