[jboss-cvs] JBossAS SVN: r80834 - trunk/testsuite/src/resources/securitymgr.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Nov 11 23:19:18 EST 2008 

Author: anil.saldhana at jboss.com
Date: 2008-11-11 23:19:18 -0500 (Tue, 11 Nov 2008)
New Revision: 80834

Modified:
   trunk/testsuite/src/resources/securitymgr/server.policy
Log:
JBAS-4154: updated fine grained security manager policy (vfs entries)

Modified: trunk/testsuite/src/resources/securitymgr/server.policy
===================================================================
--- trunk/testsuite/src/resources/securitymgr/server.policy	2008-11-12 01:11:54 UTC (rev 80833)
+++ trunk/testsuite/src/resources/securitymgr/server.policy	2008-11-12 04:19:18 UTC (rev 80834)
@@ -25,161 +25,123 @@
 grant codeBase "file:${jboss.home.dir}/bin/-" {
    permission java.security.AllPermission;
 };
+
 grant codeBase "file:${jboss.home.dir}/lib/-" {
    permission java.security.AllPermission;
 };
-grant codeBase "file:${jboss.home.dir}/server/lib/-" {
+
+grant codeBase "vfszip:${jboss.home.dir}/lib/-" {
    permission java.security.AllPermission;
 };
-grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+
+grant codeBase "vfszip:${jboss.home.dir}/server/lib/-" {
    permission java.security.AllPermission;
 };
-grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+
+grant codeBase "vfszip:${jboss.server.home.dir}/lib/-" {
    permission java.security.AllPermission;
 };
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deployers/-" {
+   permission java.security.AllPermission;
+};
+
 grant codeBase "file:${jboss.server.home.dir}/work/-" {
    permission java.security.AllPermission;
 };
 
+grant codeBase "vfszip:${jboss.server.home.dir}/work/-" {
+   permission java.security.AllPermission;
+};
 
 
 
-
 //***************************************
 // Trusted Specific JBoss Code
 //**************************************
-grant codeBase "file:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
    permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/http-invoker.sar!/invoker.war" {
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
    permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
 };
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
    permission javax.management.MBeanTrustPermission "register";
    permission java.net.SocketPermission "*", "accept,listen,resolve";
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jmx-remoting.sar!/-" {
-   permission javax.management.MBeanTrustPermission "register";
-   permission java.net.SocketPermission "*", "accept,listen,resolve";
-};
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
    permission java.security.AllPermission;
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jboss-web-service.jar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
    permission java.security.AllPermission;
 };
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
    permission java.security.AllPermission;
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jbossweb.jar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
    permission java.security.AllPermission;
 };
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
    permission java.security.AllPermission;
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jsf-libs/-" {
-   permission java.security.AllPermission;
-};
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
-   permission java.security.AllPermission;
-};
-
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jasper-jdt.jar/-" {
-   permission java.security.AllPermission;
-};
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
-   permission java.security.AllPermission;
-};
-
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jstl.jar/-" {
-   permission java.security.AllPermission;
-};
-
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
    permission javax.management.MBeanTrustPermission "register";
    permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
    permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/management/console-mgr.sar!/-" {
-   permission javax.management.MBeanTrustPermission "register";
-   permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
-   permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
-   permission java.io.FilePermission "<<ALL FILES>>", "read";
-};
 
-grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
    permission javax.management.MBeanTrustPermission "register";
    permission javax.management.MBeanPermission "*", "getAttribute";
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar!/-" {
-   permission javax.management.MBeanTrustPermission "register";
-   permission javax.management.MBeanPermission "*", "getAttribute";
-   permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
-};
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
    permission java.lang.RuntimePermission "setContextClassLoader";
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
    permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
    permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar/-" {
-   permission java.lang.RuntimePermission "setContextClassLoader";
-   permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
-   permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
-   permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
-};
-
-
-grant codeBase "file:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
  permission java.security.AllPermission;
 };
 
-grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar!/quartz-ra.jar/-" {
- permission java.security.AllPermission;
-};
-
-
 //***************************************************************
 // JBoss AS Test Suite Permissions
 //***************************************************************
 
 // Permissions for the WarPermissionsUnitTestCase
-grant codeBase "file:${jboss.test.deploy.dir}/securitymgr/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/securitymgr/-" {
    permission java.util.PropertyPermission "*", "read";
    permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
 };
 
-grant codeBase "file:${jboss.test.deploy.dir}/jbosstest-web.ear/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/jbosstest-web.ear/-" {
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","list,lookup";
    permission org.jboss.naming.JndiPermission "env","list";
    permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "file:${jboss.test.deploy.dir}/-" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/-" {
    permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
 };
 
 //This block needs to go when https://jira.jboss.org/jira/browse/JBMESSAGING-1446 is handled
-grant codeBase "file:${jboss.test.deploy.dir}/cts.jar" {
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cts.jar" {
    permission java.lang.RuntimePermission "setContextClassLoader";
    permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
 };

More information about the jboss-cvs-commits mailing list