[equinox-dev] OSGi security manager in Equinox

[Borislav Kapukaranov <b.kapukaranov@xxxxxxxxx>]

Hi folks,

I'm playing with OSGi's security manager in Equinox and the implementation of the Conditional Permissions Admin called SecurityAdmin.

My setup is Equinox + some other bundles. This is launched by the equinox.launcher and I've passed the following as system properties:

-Declipse.security=osgi

-Djava.security.policy="my.policy

The policy looks like that

keystore "myKeystore";

grant signedBy "myself" { 

permission java.security.AllPermission;

};

I have signed all bundles in /plugins with that keystore and granted them all premissions with the policy.

The first thing I noticed is that without a policy file the framework still starts. That is because when we are in OSGi security mode the launcher adds all permissions to itself and the framework.

I created a simple bundle that in its Activator creates a directory at a location different from it's data file. It doesn't have any local permissions.

The call went into the EquinoxSecurityManager then started checking for implied permissions at the AccessControlContext. The important point is checking the Protection Domains. It went through two of them:

1. The system bundle's protection domain as the system bundle triggered the Activator of my bundle.

2. The bundle's protection domain, probably for local permissions.

1) has all permission as it is the framework and 2) doesn't have any local permission therefore by specification gets AllPermission.

So far so good.

My question is how the EquinoxSecurityManager is expected to be configured? From what I've seen the policy file syntax doesn't support the permission syntax defined in the OSGi specification(ALLOW, DENY).

Does that mean OSGi's security manager is configured only by a bundle interacting with the Conditional Permission Admin service?

Also does the policy file play any role at all in such setup? I suspect it's relevant only for pure Java security setup.

Thanks,

Borislav