[jboss-cvs] JBossAS SVN: r80834 - trunk/testsuite/src/resources/securitymgr.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 11 23:19:18 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-11 23:19:18 -0500 (Tue, 11 Nov 2008)
New Revision: 80834
Modified:
trunk/testsuite/src/resources/securitymgr/server.policy
Log:
JBAS-4154: updated fine grained security manager policy (vfs entries)
Modified: trunk/testsuite/src/resources/securitymgr/server.policy
===================================================================
--- trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-12 01:11:54 UTC (rev 80833)
+++ trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-12 04:19:18 UTC (rev 80834)
@@ -25,161 +25,123 @@
grant codeBase "file:${jboss.home.dir}/bin/-" {
permission java.security.AllPermission;
};
+
grant codeBase "file:${jboss.home.dir}/lib/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.home.dir}/server/lib/-" {
+
+grant codeBase "vfszip:${jboss.home.dir}/lib/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+
+grant codeBase "vfszip:${jboss.home.dir}/server/lib/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+
+grant codeBase "vfszip:${jboss.server.home.dir}/lib/-" {
permission java.security.AllPermission;
};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
grant codeBase "file:${jboss.server.home.dir}/work/-" {
permission java.security.AllPermission;
};
+grant codeBase "vfszip:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
-
//***************************************
// Trusted Specific JBoss Code
//**************************************
-grant codeBase "file:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/http-invoker.sar!/invoker.war" {
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
permission javax.management.MBeanTrustPermission "register";
permission java.net.SocketPermission "*", "accept,listen,resolve";
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jmx-remoting.sar!/-" {
- permission javax.management.MBeanTrustPermission "register";
- permission java.net.SocketPermission "*", "accept,listen,resolve";
-};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
permission java.security.AllPermission;
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jboss-web-service.jar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
permission java.security.AllPermission;
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jbossweb.jar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
permission java.security.AllPermission;
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jsf-libs/-" {
- permission java.security.AllPermission;
-};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jasper-jdt.jar/-" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jstl.jar/-" {
- permission java.security.AllPermission;
-};
-
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
permission javax.management.MBeanTrustPermission "register";
permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
permission java.io.FilePermission "<<ALL FILES>>", "read";
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/management/console-mgr.sar!/-" {
- permission javax.management.MBeanTrustPermission "register";
- permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
- permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
- permission java.io.FilePermission "<<ALL FILES>>", "read";
-};
-grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
permission javax.management.MBeanTrustPermission "register";
permission javax.management.MBeanPermission "*", "getAttribute";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar!/-" {
- permission javax.management.MBeanTrustPermission "register";
- permission javax.management.MBeanPermission "*", "getAttribute";
- permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
-};
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
permission java.lang.RuntimePermission "setContextClassLoader";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar/-" {
- permission java.lang.RuntimePermission "setContextClassLoader";
- permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
- permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
- permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
-};
-
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
permission java.security.AllPermission;
};
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar!/quartz-ra.jar/-" {
- permission java.security.AllPermission;
-};
-
-
//***************************************************************
// JBoss AS Test Suite Permissions
//***************************************************************
// Permissions for the WarPermissionsUnitTestCase
-grant codeBase "file:${jboss.test.deploy.dir}/securitymgr/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/securitymgr/-" {
permission java.util.PropertyPermission "*", "read";
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
};
-grant codeBase "file:${jboss.test.deploy.dir}/jbosstest-web.ear/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/jbosstest-web.ear/-" {
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","list,lookup";
permission org.jboss.naming.JndiPermission "env","list";
permission java.io.FilePermission "<<ALL FILES>>", "read";
};
-grant codeBase "file:${jboss.test.deploy.dir}/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/-" {
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
};
//This block needs to go when https://jira.jboss.org/jira/browse/JBMESSAGING-1446 is handled
-grant codeBase "file:${jboss.test.deploy.dir}/cts.jar" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cts.jar" {
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
};
More information about the jboss-cvs-commits
mailing list