[jboss-cvs] JBossAS SVN: r82060 - branches/JBPAPP_4_2_0_GA_CP/system/src/bin.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Dec 4 19:19:24 EST 2008 

Author: pskopek at redhat.com
Date: 2008-12-04 19:19:23 -0500 (Thu, 04 Dec 2008)
New Revision: 82060

Modified:
   branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
Log:
JBOSSCC-30: Better comments on sections for security policy. No functional changes.

Modified: branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy	2008-12-04 22:00:17 UTC (rev 82059)
+++ branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy	2008-12-05 00:19:23 UTC (rev 82060)
@@ -3,7 +3,14 @@
 // Author: Anil Saldhana 
 //**********************************************************************
 
-// JBOSS code with codebase references in time of JBOSS startup
+//**********************************************************
+//
+//   Section 1: JBOSS code with codebase references in time 
+//              of JBOSS startup
+//   (Permissions are given fully)
+//   Do not modify this section.
+//
+//**********************************************************
 grant codeBase "file:${user.dir}/run.jar" {
   permission java.security.AllPermission;
 };
@@ -16,13 +23,16 @@
   permission java.security.AllPermission;
 };
 
+//******************* End of Section 1 **********************
+
 //**********************************************************
 //
-//   Section 1:  Java JDK Core Code
+//   Section 2:  Java JDK Core Code
+//               Trusted core Java code
 //   (Permissions are given fully)
+//   Do not modify this section.
 //
-//*********************************************************
-// Trusted core Java code
+//**********************************************************
 grant codeBase "file:${java.home}/lib/ext/-" {
    permission java.security.AllPermission;
 };
@@ -34,17 +44,17 @@
    permission java.security.AllPermission;
 };
 
-//*******************End JDK Core**************************
+//******************* End of Section 2 **********************
 
 
-
-//*********************************************************
+//**********************************************************
 //
-//  Section 2: Permissions assigned to JBoss Core Codebase
+//   Section 3:  Permissions assigned to JBoss Core Codebase
+//               Trusted JBoss code
 //
-//*********************************************************
-
-// Trusted core JBoss code
+//   Do not modify this section.
+//
+//**********************************************************
 grant codeBase "file:${jboss.home.dir}/bin/-" {
    permission java.security.AllPermission;
 };
@@ -559,18 +569,25 @@
    permission org.jboss.naming.JndiPermission "JAXR", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
 };
 
-//**************************************************************
+//******************* End of Section 3 **********************
+
+//**********************************************************
 //
-//  Section 3: JBoss EAP Testsuite Permissions
-//
-//**************************************************************
+//   Section 4: JBoss EAP Testsuite Permissions
+//              
+//   This section is just for test suite purpose and can 
+//   safely removed.
+//   General recomendation: This section should be deleted or 
+//   commented out in production. 
+//**********************************************************
 
+// Testing configuration lib directory permissions
 grant codeBase "file:${user.dir}/../server/cc/lib/-" {
   permission java.security.AllPermission;
 };
 
 // Permissions for the WarPermissionsUnitTestCase
-//Permissions for crypto tests (putProvider)
+// Permissions for crypto tests (putProvider)
 grant codeBase "file:${jboss.test.deploy.dir}/-" {
    permission java.util.PropertyPermission "*", "read";
    permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
@@ -579,7 +596,7 @@
 };
 
 // Following JDBC driver is included just for CC test purpose. 
-// Uncomment this when testing agains Oracle DB or create your own for DB you are using.
+// When you test with different JDBC driver than Oracle DB you have to create your own entries.
 grant codeBase "file:${jboss.server.home.dir}/lib/ojdbc14.jar" {
    permission java.net.SocketPermission "dev68.qa.atl2.redhat.com:1521", "connect";
 
@@ -601,15 +618,28 @@
 
 };
 
-//*******************End JBoss EAP Testsuite Permissions*********
+//******************* End of Section 4 **********************
 
 
 //**************************************************************
 //
-// Section 4: User Applications Permissions
+// Section 5: User Applications Permissions
 //
+// This sections is for user application permissions.
+// Can be modified with care and attention to previously
+// entered permissions.
 //**************************************************************
+
+//  Following lines are here as template for creating JDBC driver permissions entry
+//  specific for your database. If using Oracle, one can copy JDBC driver permissions 
+//  from Section 4.
+//grant codeBase "file:${jboss.server.home.dir}/lib/<your JDBC driver>.jar" {
+//   <grant necessary permissions>
+//};
+
 // Minimal permissions are allowed to everyone else
 grant {
    permission java.lang.RuntimePermission "queuePrintJob";
 };
+
+//******************* End of Section 5 **********************

More information about the jboss-cvs-commits mailing list