You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@felix.apache.org by ri...@apache.org on 2011/03/14 22:31:51 UTC
svn commit: r1081571 -
/felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java
Author: rickhall
Date: Mon Mar 14 21:31:50 2011
New Revision: 1081571
URL: http://svn.apache.org/viewvc?rev=1081571&view=rev
Log:
Need to perform security check for fragments and hosts. (FELIX-2858)
Modified:
felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java
Modified: felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java?rev=1081571&r1=1081570&r2=1081571&view=diff
==============================================================================
--- felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java (original)
+++ felix/trunk/framework/src/main/java/org/apache/felix/framework/ResolverStateImpl.java Mon Mar 14 21:31:50 2011
@@ -205,8 +205,21 @@ class ResolverStateImpl implements Resol
{
continue;
}
+ else if (req.getNamespace().equals(Capability.HOST_NAMESPACE) &&
+ (!((BundleProtectionDomain) req.getModule().getSecurityContext())
+ .impliesDirect(new BundlePermission(
+ req.getModule().getSymbolicName(),
+ BundlePermission.FRAGMENT))
+ || !((BundleProtectionDomain) cap.getModule().getSecurityContext())
+ .impliesDirect(new BundlePermission(
+ cap.getModule().getSymbolicName(),
+ BundlePermission.HOST))))
+ {
+ continue;
+ }
}
- else if (req.getNamespace().equals(Capability.HOST_NAMESPACE)
+
+ if (req.getNamespace().equals(Capability.HOST_NAMESPACE)
&& cap.getModule().isResolved())
{
continue;