[jira] [Commented] (FELIX-5911) [Configurator] request FilePermission <>

["Christoph Nölle (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/FELIX-5911?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16591439#comment-16591439 ] 

Christoph Nölle commented on FELIX-5911:
----------------------------------------

In addition, when setting the property

configurator.initial=file:/path/to/file.json

it will try to access a file at arbitrary locations on the disk. What's worse: if a protocol different from "file" is used the access is likely to fail, for instance because Configurator does not have the appropriate network permission. There might be even custom permissions involved, when a custom protocol is used. From my point of view the only solution is to remove the permissions.perm file entirely. This should be fine; the system administrator can still restrict the set of applicable permissions for the bundle, if so desired. At compile time however we do not know which permissions will be needed. 

> [Configurator] request FilePermission <<ALL FILES>>
> ---------------------------------------------------
>
>                 Key: FELIX-5911
>                 URL: https://issues.apache.org/jira/browse/FELIX-5911
>             Project: Felix
>          Issue Type: Bug
>          Components: Configurator
>    Affects Versions: configurator-1.0.4
>            Reporter: Christoph Nölle
>            Priority: Major
>
> Configurator currently requests
> (java.io.FilePermission "-" "read,write,execute,delete")
> in its permissions.perm file (the "-" means all files and subfolders within and below the current working dir). However, the bundle tries to access files in the bundle storage area as well, whose location we cannot anticipate here. It can be configured by means of a framework property, for instance. The correct permission would be
> (java.io.FilePermission "<<ALL FILES>>" "read,write,execute,delete") 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)