[jboss-cvs] JBossAS SVN: r80699 - trunk/testsuite/src/resources/securitymgr.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Nov 7 18:59:32 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-07 18:59:31 -0500 (Fri, 07 Nov 2008)
New Revision: 80699
Modified:
trunk/testsuite/src/resources/securitymgr/server.policy
Log:
JBAS-4154: updated fine grained security manager policy
Modified: trunk/testsuite/src/resources/securitymgr/server.policy
===================================================================
--- trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-07 23:20:59 UTC (rev 80698)
+++ trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-07 23:59:31 UTC (rev 80699)
@@ -73,16 +73,19 @@
permission javax.management.MBeanTrustPermission "register";
permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
};
grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
permission javax.management.MBeanTrustPermission "register";
- permission org.jboss.naming.JndiPermission "HiLoKeyGeneratorFactory","rebind";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind";
};
grant codeBase "file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
permission java.lang.RuntimePermission "setContextClassLoader";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
};
@@ -104,10 +107,17 @@
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
};
+//This block needs to go when https://jira.jboss.org/jira/browse/JBMESSAGING-1446 is handled
+grant codeBase "file:${jboss.test.deploy.dir}/cts.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+};
+
// Minimal permissions are allowed to everyone else
grant {
- permission java.io.FilePermission "file:${jboss.server.home.dir}/tmp/-", "read";
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "read";
+ permission java.io.FilePermission "${jboss.server.home.dir}/lib/quartz.jar/org/quartz/quartz.properties", "read";
permission java.io.FilePermission "quartz.properties", "read";
permission java.util.PropertyPermission "*", "read";
permission java.lang.RuntimePermission "queuePrintJob";
More information about the jboss-cvs-commits
mailing list