|Re: [equinox-dev] Signed bundles|
The option to enable signed bundles in 3.3 is osgi.support.signature.verify (notice "support" and "signature" are reversed). In 3.4 we are introducing a more general option called osgi.signedcontent.support which does not have simple true|false options, but we will continue to recognize the old 3.3. option. Matt is documenting the security options in https://bugs.eclipse.org/bugs/show_bug.cgi?id=217765
The internal security manager class is needed to fully support postponed conditions in ConditionalPermissionAdmin. If postponed conditions are not needed then simply enabling the security manager with -Djava.security.policy="" will enable the built-in security manager which will satisfy most needs.
There is an option called eclipse.security. This option is used by the launcher jar to setup a policy to grant the framework and the launcher AllPermissions and specify the security manager to use. Unfortunately this still requires a reference to an internal class if you want to load a security manager to support postponed conditions. I've opened a bug to investigate making this easier. Perhaps eclipse.security manager can have a value that indicates the framework should load its internal security manager. See https://bugs.eclipse.org/bugs/show_bug.cgi?id=218001.
Jeff McAffer ---02/06/2008 07:47:10 AM---Marcel Offermans wrote:
Jeff McAffer <jeff@xxxxxxxxx>
Equinox development mailing list <equinox-dev@xxxxxxxxxxx>
02/06/2008 07:47 AM
Re: [equinox-dev] Signed bundles