[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [equinox-dev] Enabling security in Equinox
On Oct 30, 2009, at 1:31 , <tom.hsu@xxxxxxxxxx> <tom.hsu@xxxxxxxxxx>
I now realized that I need to provide system permissions for the
Conditional Permission Admin service in order to secure behaviors of
some installed bundles. Please confirm my understanding:
1. The example showed in the PDF seem to suggest achieving this
using privileged bundle to assign restricted permission objects for
the new bundles.
2. #1 approach needs to be done programmatcally?
Yes, in various places in the OSGi specification, a bundle called the
"management agent" is mentioned. This bundle has a couple of
responsibilities (scattered throughout the spec) and one of them is to
setup and maintain security policies.
3. Is there a way to achieve the restriction of bundles coming from
known location <A> to have a limited set of permissions with a
configuration file like custo_java.policy?
Not that I know of, you'd have to do that programmatically.