[jboss-cvs] JBoss Messaging SVN: r5776 - trunk/tests/config.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Feb 2 10:04:42 EST 2009 

Author: jmesnil
Date: 2009-02-02 10:04:41 -0500 (Mon, 02 Feb 2009)
New Revision: 5776

Modified:
   trunk/tests/config/restricted-security-client.policy
Log:
JBMESSAGING-806: Allow JBM client to run in a jnlp (or other) sandbox

* only 2 permissions are mandatory, all the others are optional and can be omitted without any significant loss of functionality (e.g. emulated random generator instead of using /dev/random)


Modified: trunk/tests/config/restricted-security-client.policy
===================================================================
--- trunk/tests/config/restricted-security-client.policy	2009-02-02 14:45:07 UTC (rev 5775)
+++ trunk/tests/config/restricted-security-client.policy	2009-02-02 15:04:41 UTC (rev 5776)
@@ -1,36 +1,7 @@
 grant {
         // Allow everything for now
         //permission java.security.AllPermission;
-        
-        permission java.util.PropertyPermission "*", "read";
-        permission java.util.PropertyPermission "user.timezone", "write";
 
         permission java.lang.RuntimePermission "accessDeclaredMembers";
-        permission java.lang.RuntimePermission "modifyThread";
-        permission java.lang.RuntimePermission "selectorProvider";
-        permission java.lang.RuntimePermission "loadLibrary.net";
-        permission java.lang.RuntimePermission "loadLibrary.nio";
-        permission java.lang.RuntimePermission "loadLibrary.management";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.provider";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.resources";
-        
-        permission java.net.SocketPermission "*", "connect,resolve";
-
-        permission java.net.NetPermission "specifyStreamHandler";
-
-        permission java.io.FilePermission "/dev/random", "read, write";
-        permission java.io.FilePermission "/dev/urandom", "read";
-        permission java.io.FilePermission "${user.dir}/-", "read";
-        permission java.io.FilePermission "tests/-", "write";
-        permission java.io.FilePermission "${java.home}/-", "read";
-
-        permission java.security.SecurityPermission "getProperty.networkaddress.cache.*";
-        permission java.security.SecurityPermission "getProperty.security.provider.*";
-        permission java.security.SecurityPermission "getPolicy";
-        permission java.security.SecurityPermission "getProperty.securerandom.source";
-        permission java.security.SecurityPermission "putProviderProperty.SUN";
-
-        permission java.util.logging.LoggingPermission "control";
-
-        permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+        permission java.net.SocketPermission "*:1024-", "connect";
 };
\ No newline at end of file

More information about the jboss-cvs-commits mailing list