You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@karaf.apache.org by frm <fr...@gordijn.org> on 2022/09/02 17:17:27 UTC

Isolation in Karaf/OSGI

 Hi,

My question is about the isolation between bundles.
I understand that one bundle can monopolize the processor and the memory, and in that sense one can not speak of strict isolation.

However, is it possible that bundle B calls a function in bundle A that is NOT exported by bundle A, e.g. by means of reflection?
In other words: can I safely assume that a function in bundle B can ONLY call functions in bundle A that are exported.
I take here a security perspective on the notion of isolation.


Thanks for your answer,

Best,

-- Jaap

Re: Isolation in Karaf/OSGI

Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.

Hi,

It's possible at service level by using Karaf ACL.

Regards
JB

On Fri, Sep 2, 2022 at 9:51 PM frm <fr...@gordijn.org> wrote:
>
> Thanks for the answer.
>
>
>
> Is it solvable by the Java Security Framework, restricting access to elements in a bunble?
>
>
>
> Van: Grzegorz Grzybek <gr...@gmail.com>
> Verzonden: vrijdag 2 september 2022 20:21
> Aan: user@karaf.apache.org
> Onderwerp: Re: Isolation in Karaf/OSGI
>
>
>
> Hello
>
>
>
> pt., 2 wrz 2022 o 19:15 frm <fr...@gordijn.org> napisał(a):
>
>  Hi,
>
> My question is about the isolation between bundles.
> I understand that one bundle can monopolize the processor and the memory, and in that sense one can not speak of strict isolation.
>
>
>
> Sure - and bundle can't give you any isolation in this regard. CPU can be monopolized by a thread (many threads) started by any bundle. Same for memory and nasty allocation.
>
>
>
>
> However, is it possible that bundle B calls a function in bundle A that is NOT exported by bundle A, e.g. by means of reflection?
>
>
>
> Yes, it is possible - it's a matter of grabbing an instance of an object - you can get it at lowest level by instantiating a class from bundle A using code from bundle B. All you need is reflection, class name and classloader - the classloader can be obtained for any bundle.
>
>
>
> In other words: can I safely assume that a function in bundle B can ONLY call functions in bundle A that are exported.
>
> I take here a security perspective on the notion of isolation.
>
>
>
> No, you can't assume that.
>
>
>
> kind regards
>
> Grzegorz Grzybek
>
>
>
>
>
> Thanks for your answer,
>
> Best,
>
> -- Jaap

RE: Isolation in Karaf/OSGI

Posted by frm <fr...@gordijn.org>.

Thanks for the answer.

 

Is it solvable by the Java Security Framework, restricting access to elements in a bunble?

 

Van: Grzegorz Grzybek <gr...@gmail.com> 
Verzonden: vrijdag 2 september 2022 20:21
Aan: user@karaf.apache.org
Onderwerp: Re: Isolation in Karaf/OSGI

 

Hello

 

pt., 2 wrz 2022 o 19:15 frm <frm@gordijn.org <ma...@gordijn.org> > napisał(a):

 Hi,

My question is about the isolation between bundles.
I understand that one bundle can monopolize the processor and the memory, and in that sense one can not speak of strict isolation.

 

Sure - and bundle can't give you any isolation in this regard. CPU can be monopolized by a thread (many threads) started by any bundle. Same for memory and nasty allocation.

 


However, is it possible that bundle B calls a function in bundle A that is NOT exported by bundle A, e.g. by means of reflection?

 

Yes, it is possible - it's a matter of grabbing an instance of an object - you can get it at lowest level by instantiating a class from bundle A using code from bundle B. All you need is reflection, class name and classloader - the classloader can be obtained for any bundle.

 

In other words: can I safely assume that a function in bundle B can ONLY call functions in bundle A that are exported. 

I take here a security perspective on the notion of isolation.

 

No, you can't assume that.

 

kind regards

Grzegorz Grzybek 

 



Thanks for your answer,

Best,

-- Jaap

Re: Isolation in Karaf/OSGI

Posted by Grzegorz Grzybek <gr...@gmail.com>.

Hello

pt., 2 wrz 2022 o 19:15 frm <fr...@gordijn.org> napisał(a):

>  Hi,
>
> My question is about the isolation between bundles.
> I understand that one bundle can monopolize the processor and the memory,
> and in that sense one can not speak of strict isolation.
>

Sure - and bundle can't give you any isolation in this regard. CPU can be
monopolized by a thread (many threads) started by any bundle. Same for
memory and nasty allocation.


>
> However, is it possible that bundle B calls a function in bundle A that is
> NOT exported by bundle A, e.g. by means of reflection?
>

Yes, it is possible - it's a matter of grabbing an instance of an object -
you can get it at lowest level by instantiating a class from bundle A using
code from bundle B. All you need is reflection, class name and classloader
- the classloader can be obtained for any bundle.


> In other words: can I safely assume that a function in bundle B can ONLY
> call functions in bundle A that are exported.

I take here a security perspective on the notion of isolation.
>

No, you can't assume that.

kind regards
Grzegorz Grzybek


>
> Thanks for your answer,
>
> Best,
>
> -- Jaap
>
>