[equinox-dev] Security Doubts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[equinox-dev] Security Doubts

From: "David Conde" <dconde@xxxxxxxx>
Date: Fri, 8 May 2009 14:30:15 +0200
Delivered-to: equinox-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/equinox-dev>
List-help: <mailto:equinox-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/equinox-dev>, <mailto:equinox-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/equinox-dev>, <mailto:equinox-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AcnP2L1EoaowLufQRIW3hzGMbUEcCA==

Hi everyone,

These previous days I have been trying and reading a lot about securiy in OSGI. I tried Local Permissions in Equinox and they were ok, and I either tried with some examples using Conditional Permissions and I did not got any result at all.

I have tried with this example : http://dz.prosyst.com/pdoc/mbs_ext_6.1/um/meg/developer/osgi/mobile_conditions/mobile_conditions.html

Changing it to include both BundleLocationCondition and BundleSignerCondition but no result at all. I would like to know if somebody has done some example with Conditional Permission in Equinox and he got any result. Could people who got the expected results with Conditional Permission tell me this scenario where Conditional Permission Works?Either if I need some special permissions or some special way of launching Equinox Framework by console using special options.

I have tried with several versions of Equinox, 3.3, 3.4, 3.5. In Equinox 3.5 when I launch with Security options, typing security.manager parameter equal to “osgi”, I do not get anything, I do not get neither Exception nor anything, just it is like no command was launched.

With Equinox 3.4 I achieved to run Local Permissions, but when I tried with Equinox 3.5 in order to check Conditional Permissions but I haven’t get any result. It is like nothing is taking into account what I write in PermissionManager (see the link written above). What do I need in my PermissionManager Bundle to grant permissions? I put ALLPermission in this bundle, but Do I need any permission else?

The last question, why Don’t Equinox verify my bundles signature when I install them handly by console using install command? I use a keystore different on the keystore which signed the bundles and I do not get any Exception.

It is strange because whatever keystorename that I write in -Dosgi.framework.keystore=cakeystore.keystore is valid, even If I put a keystore_name invented which does not exit, I do not get any Exception and “OSGI>” environment appears.

So I am sorry for so many questions but I think that I can’t continue without some piece of advice.

Thank you very much in advance

David

Follow-Ups:
- RE: [equinox-dev] Security Doubts
  - From: Pepping, Florian

Prev by Date: RE: [equinox-dev] Conditional Permission are not being checked
Next by Date: RE: [equinox-dev] Security Doubts
Previous by thread: [equinox-dev] .blobstore directory
Next by thread: RE: [equinox-dev] Security Doubts
Index(es):
- Date
- Thread

Breadcrumbs