Community
Participate
Working Groups
Currently, everybody can contribute to every extension point. However, it should be possible to limit this ability in the extension registry using permissions. The basic use cases would be: declare an extension point as protected and allow only trusted bundles to contribute extensions to it. A first step could be as simple as x-friends/x-internal. A second step would be to evaluate the bundle signer certificate chain. Both would not require to run the framework with a security manager and can be evaluated at bundle installation time. A third step could use framework conditional permissions but this requires the security manager.
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant.