You are viewing a plain text version of this content. The canonical link for it is here.
Posted to log4j-dev@logging.apache.org by "Łukasz Dywicki (JIRA)" <ji...@apache.org> on 2014/04/22 10:49:17 UTC
[jira] [Commented] (LOG4J2-348) Java2 Security for OSGi Bundles
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13976555#comment-13976555 ]
Łukasz Dywicki commented on LOG4J2-348:
---------------------------------------
You don't need any extra entries in maven-bundle-plugin configuration as long as you will place permission file in src/main/resources/OSGI-INF.
> Java2 Security for OSGi Bundles
> -------------------------------
>
> Key: LOG4J2-348
> URL: https://issues.apache.org/jira/browse/LOG4J2-348
> Project: Log4j 2
> Issue Type: Improvement
> Components: API, Appenders, Core, JCL Bridge, log4j 1.2 emulation
> Affects Versions: 2.0
> Environment: OSGi / Apache Felix 4.x
> Reporter: Roland Weiglhofer
> Assignee: Matt Sicker
> Priority: Minor
> Labels: OSGi, Security
> Fix For: 2.0
>
>
> OSGi defines permissions for bundles. Bundles should have only those permissions that they need to function. This is very easy to implement. Just add a directory OSGI-INF in the jar and include the file permissions.perm.
> Here are some examples
> (org.osgi.framework.PackagePermission "package name" "import")
> (org.osgi.framework.PackagePermission "package name" "export")
> (org.osgi.framework.BundlePermission "groupID.artifactID of Host" "host");
> (org.osgi.framework.ServicePermission "class name" "get")
> (org.osgi.framework.ServicePermission "class name" "register")
> (org.osgi.framework.ConfigurationPermission * "configure")
> (org.osgi.framework.AdminPermission * "metadata")
> pom
> ...
> <build>
> <resources>
> <resource>
> <directory>OSGI-INF/</directory>
> <filtering>true</filtering>
> <includes>
> <include>permissions.perm</include>
> </includes>
> </resource>
> </resources>
> <plugins>
> <plugin>
> <groupId>org.apache.felix</groupId>
> <artifactId>maven-bundle-plugin</artifactId>
> ...
> <configuration>
> ...
> <instructions>
> ...
> <Include-Resource>
> {maven-resources},
> OSGI-INF/=OSGI-INF/
> </Include-Resource>
> ...
> </instructions>
> ...
> </configuration>
> ...
> </plugin>
> ...
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org