Uploaded image for project: 'Felix'
  1. Felix
  2. FELIX-4039

Add Permissions file in ConfigAdmin bundle

    XMLWordPrintableJSON

Details

    Description

      Most of felix bundles should have a permissions file.

      For ConfigAdmin bundle, I suggest the following content for "OSGI-INF/permissions.perm" file:

      1. Apache Felix Configuration Admin Service
      2. Bundle permissions
        #
      1. Imported/Exported packages
      2. -> MANIFEST.MF
        (org.osgi.framework.PackagePermission "org.osgi.service.log" "import")
        (org.osgi.framework.PackagePermission "org.osgi.framework" "import")
        (org.osgi.framework.PackagePermission "org.osgi.service.cm" "import,exportonly")
        (org.osgi.framework.PackagePermission "org.apache.felix.cm" "import,exportonly")
        (org.osgi.framework.PackagePermission "org.apache.felix.cm.file" "import,exportonly")
      1. General bundle permissions
        (java.util.PropertyPermission "felix.cm.*" "read")
        (org.osgi.framework.ServicePermission "org.apache.felix.cm.*" "get,register")
        (org.osgi.framework.ServicePermission "org.osgi.service.cm.*" "get,register")
        (org.osgi.framework.ServicePermission "org.osgi.service.log.LogService" "get")
      1. Manage configurations
      2. -> ConfigurationAdminImpl
        (org.osgi.framework.AdminPermission "*" "metadata")
        (org.osgi.service.cm.ConfigurationPermission "*" "configure,target")
      1. Handle persistent configuration files
      2. -> FilePersistenceManager
        (java.util.PropertyPermission "user.dir" "read")
        (java.io.FilePermission "-" "read,write,execute,delete")
      3. -> ConfigurationManager
        (org.osgi.framework.ServicePermission "org.apache.felix.cm.PersistenceManager" "register")

      Note: I have extracted those permissions from code analysis then tested the suggested file in simple examples.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. FELIX-4513 Add Permissions file in EventAdmin bundle

          • Major - Major loss of function.
          • Open

          Improvement - An improvement or enhancement to an existing feature or task. FELIX-4514 Add Permissions file in fileinstaller bundle

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. FELIX-4362 Security ConfigAdmin permissions are inherited on the stack

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              fmeschbe Felix Meschberger
              romain.dubois Romain Dubois
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: