[LOG4J2-348] Java2 Security for OSGi Bundles - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Won't Fix
Affects Version/s: 2.0
Fix Version/s: None
Component/s: API, Appenders, Core, JCL Bridge, Log4j 1.2 bridge
Labels:
- OSGi
- Security
Environment:

OSGi / Apache Felix 4.x

Epic Link:
OSGi Support

Description

OSGi defines permissions for bundles. Bundles should have only those permissions that they need to function. This is very easy to implement. Just add a directory OSGI-INF in the jar and include the file permissions.perm.

Here are some examples
(org.osgi.framework.PackagePermission "package name" "import")
(org.osgi.framework.PackagePermission "package name" "export")
(org.osgi.framework.BundlePermission "groupID.artifactID of Host" "host");
(org.osgi.framework.ServicePermission "class name" "get")
(org.osgi.framework.ServicePermission "class name" "register")
(org.osgi.framework.ConfigurationPermission * "configure")
(org.osgi.framework.AdminPermission * "metadata")

pom

...
<build>
<resources>
<resource>
<directory>OSGI-INF/</directory>
<filtering>true</filtering>
<includes>
<include>permissions.perm</include>
</includes>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
...
<configuration>
...
<instructions>
...
<Include-Resource>

{maven-resources}

,
OSGI-INF/=OSGI-INF/
</Include-Resource>
...
</instructions>
...
</configuration>
...
</plugin>
...

Attachments

Activity

People

Assignee:: Matt Sicker

Reporter:: Roland Weiglhofer

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 14/Aug/13 07:51

Updated:: 01/Dec/23 23:48

Resolved:: 01/Dec/23 23:48