[jboss-cvs] JBossAS SVN: r80848 - branches/JBPAPP_4_2_0_GA_CP/system/src/bin.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Nov 12 04:48:27 EST 2008
Author: pskopek at redhat.com
Date: 2008-11-12 04:48:27 -0500 (Wed, 12 Nov 2008)
New Revision: 80848
Modified:
branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
Log:
JBOSSCC-7: Policy changes regarding oracle JDBC driver. Minor tidy up and missing permission added.
Modified: branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy 2008-11-12 09:22:14 UTC (rev 80847)
+++ branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy 2008-11-12 09:48:27 UTC (rev 80848)
@@ -542,6 +542,8 @@
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.PrivateCredentialPermission "javax.resource.spi.security.PasswordCredential * \"*\"", "read";
+ permission javax.security.auth.PrivateCredentialPermission "javax.crypto.spec.SecretKeySpec * \"*\"", "read";
+ permission javax.security.auth.PrivateCredentialPermission "org.jboss.security.srp.SRPParameters * \"*\"", "read";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "accessClassInPackage.*";
@@ -551,7 +553,8 @@
permission javax.security.auth.AuthPermission "createLoginContext.*";
permission javax.security.auth.AuthPermission "getLoginConfiguration";
-
+
+ permission java.net.SocketPermission "*", "connect,accept,resolve";
};
@@ -567,12 +570,25 @@
permission java.util.PropertyPermission "*", "read";
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
permission java.security.SecurityPermission "putProviderProperty.JBossSX";
- permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
};
-// Following JDBC driver is included just for CC test purpose
+// Following JDBC driver is included just for CC test purpose.
+// Uncomment this when testing agains Oracle DB or create your own for DB you are using.
grant codeBase "file:${jboss.server.home.dir}/lib/ojdbc14.jar" {
- permission java.security.AllPermission;
+ permission java.net.SocketPermission "dev68.qa.atl2.redhat.com:1521", "connect";
+
+ permission java.util.PropertyPermission "oracle.net.wallet_location", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.TcpNoDelay", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.defaultNChar", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.useFetchSizeWithLongColumn", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.convertNcharLiterals", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.V8Compatible", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.J2EE13Compliant", "read";
+ permission java.util.PropertyPermission "oracle.jdbc.FastConnectionFailover", "read";
+ permission java.util.PropertyPermission "oracle.net.tns_admin", "read";
+ permission java.util.PropertyPermission "line.separator", "read";
+ permission java.util.PropertyPermission "user.name", "read";
};
//*******************End JBoss EAP Testsuite Permissions*********
@@ -585,7 +601,5 @@
//**************************************************************
// Minimal permissions are allowed to everyone else
grant {
- permission java.util.PropertyPermission "*", "read";
permission java.lang.RuntimePermission "queuePrintJob";
- permission java.net.SocketPermission "*", "connect";
};
More information about the jboss-cvs-commits
mailing list