It asks, how PDE should be extended
to sign plugins? I thought PDE already had this capability when you
export a plug-in from your workspace. There is an option to provide
a private key to sign the plug-in on export from a workspace. Is
there more work to be done here? Is this capability not included
in PDE build yet?
We should probably separate out requirments
for an interface to specify the permissions required by a plug-in in PDE.
This should be orthogonal to signing a bundle. An interface
could be developed to add PermissionInfo data into the OSGI-INF/permissions.perm
file. But we need to be careful here because this file specifies
the maximum set of permissions a bundle will ever need. If the developer
gets it wrong then there is no way an administrator can override the permissions.perm
file to give a bundle more permissions at runtime. Hopefully tooling
can help to identify what permissions a particular bundle needs.
It seems like we need to develop a separate
location to store permission requirements for bundles (maybe in a feature).
And then update could assign the permissions using ConditionalPermissionAdmin
when it installs features.
equinox-dev-bounces@xxxxxxxxxxx wrote on 09/22/2005
> For fun I put this on the Equinox web site at
> After the transition we should have a Wiki on the site and that will
> make things much easier.