[jboss-remoting-commits] JBoss Remoting SVN: r3901 - remoting2/branches/2.x/src/etc.

jboss-remoting-commits at lists.jboss.org jboss-remoting-commits at lists.jboss.org
Fri Apr 4 18:47:49 EDT 2008


Author: ron.sigal at jboss.com
Date: 2008-04-04 18:47:48 -0400 (Fri, 04 Apr 2008)
New Revision: 3901

Added:
   remoting2/branches/2.x/src/etc/remoting.security.policy.core
   remoting2/branches/2.x/src/etc/remoting.security.policy.tests
   remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal
Log:
JBREM-934: Moved test.policy to src/etc and split it into remoting.security.policy.core, remoting.security.policy.tests, and remoting.security.policy.tests.minimal.

Added: remoting2/branches/2.x/src/etc/remoting.security.policy.core
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.core	                        (rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.core	2008-04-04 22:47:48 UTC (rev 3901)
@@ -0,0 +1,232 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//***************************************************
+//****
+//****   Permissions to run Remoting.  This file is a sample security policy file
+//****   with the permissions necessary to run the code in the org.jboss.remoting.*
+//****   packages.  All security sensitive calls in Remoting are wrapped in a
+//****   java.security.AccessController.doPrivileged() call, so that Remoting classes
+//****   can function in the context of a java.lang.SecurityManager, given the permissions
+//****   listed below, even if the calling code runs without these restrictions.
+//****
+//****   There are two ways in which it may be necessary or desirable to modify the
+//****   the permissions listed below.
+//****
+//****   1. It may be necessary to change the java.io.FilePermission permissions, according
+//****      to the configuration of certain files.  See the "File permissions" section below.
+//****
+//****   2. Some permission may be eliminated, according to which Remoting facilities are used.
+//****
+//****   Other than changes made according to item 1, it should not be necessary to grant
+//****   any additional permissions.
+//****
+//*************************************************** 
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+
+ 
+grant codeBase "file:${build.home}/output/classes/-"
+{
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// File permissions
+
+//    permission java.io.FilePermission "${build.home}", "read";
+//    permission java.io.FilePermission "${build.home}/jboss.identity", "read";
+//    permission java.io.FilePermission "${build.home}", "read";
+//    permission java.io.FilePermission "-", "read";
+
+    // Used by org.jboss.remotinng.callback.CallbackStore.
+    // This permission might need to be changed, depending on where the CallbackStore
+    // is configured to exist, according to system property "jboss.server.data.dir".
+    // The default location is <current directory>/data.
+    permission java.io.FilePermission "./data", "read, write, delete";
+    
+    // Permission for org.jboss.remoting.ident.Identity to create and read "jboss.identity" file.
+    // This permission might need to be changed, depending on the directory in which the
+    // "jboss.identity" file is configured to exist.  That directory is configed according to
+    // 
+    // 1. the "ServerDataDir" attribute of the "jboss.system:type=ServerConfig" MBean, if that MBean exists, or
+    // 2. the "jboss.identity.dir" system property, if that property exists, or
+    // 3. the current directory.
+    permission java.io.FilePermission ".", "read, write";
+//    permission java.io.FilePermission "-", "read, write";
+    
+    
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Used by remote class loading system
+
+    permission java.lang.RuntimePermission "createClassLoader";
+    permission java.lang.RuntimePermission "getClassLoader";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Used by:
+//     org.jboss.remoting.security.SSLSOcketBuilder
+//     org.jboss.remoting.transport.coyote.CoyoteInvoker
+//     org.jboss.remoting.transport.http.HTTPClientInvoker
+//     org.jboss.remoting.transport.servlet.web.ServerInvokerServlet
+//     org.jboss.remoting.transporter.TransporterHandler
+//     org.jboss.remoting.InvokerRegistry
+     
+    permission java.lang.RuntimePermission "accessClassInPackage.*";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// MBean permissions
+
+    permission javax.management.MBeanTrustPermission "register";
+            
+    // org.jboss.remoting.callback.ServerInvokerCallbackHandler ?? getClassLoader
+    permission javax.management.MBeanPermission "*#SSLSocketBuilder[*:*]", "getAttribute";
+//    permission javax.management.MBeanPermission"org.jboss.remoting.security.SSLServerSocketFactoryServiceMBean#-[*:*]", "getClassLoaderFor, isInstanceOf"; 
+//    permission javax.management.MBeanPermission "org.jboss.remoting.security.SSLServerSocketFactoryService#-[*:*]", "getClassLoaderFor";
+    permission javax.management.MBeanPermission "*#-[*:*]", "isInstanceOf";    
+        
+    // org.jboss.remoting.detection.AbstractDetector   // necessary for proxy ?
+    permission javax.management.MBeanPermission "*#addServer[remoting:type=NetworkRegistry]", "invoke";
+    permission javax.management.MBeanPermission "*#updateServer[remoting:type=NetworkRegistry]", "invoke";
+    permission javax.management.MBeanPermission "*#removeServer[remoting:type=NetworkRegistry]", "invoke";
+    permission javax.management.MBeanPermission "*#Servers[*:*]", "getAttribute"; // needed
+
+    
+    // org.jboss.remoting.detection.util.DetectorUtil
+    permission javax.management.MBeanServerPermission "createMBeanServer";
+    permission javax.management.MBeanPermission "org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.remoting.detection.*#-[remoting:type=Detector,*]", "registerMBean";
+//   permission javax.management.MBeanPermission "org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]", "registerMBean, queryMBeans, isInstanceOf";
+
+    
+    // org.jboss.remoting.ident.Identity
+//    permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "isInstanceOf";
+    permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#MBeanServerId[JMImplementation:type=MBeanServerDelegate]", "getAttribute";
+    permission javax.management.MBeanPermission "-#ServerDataDir[jboss.system:type=ServerConfig]", "getAttribute";
+//    permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "queryMBeans, isInstanceOf";
+        
+    // org.jboss.remoting.network.NetworkRegistryFinder
+    permission javax.management.MBeanPermission "*#-[*:*]", "queryMBeans";
+    
+    // org.jboss.remoting.network.NetworkRegistryQuery // need getClassloaderFor ??
+    permission javax.management.MBeanPermission "org.jboss.remoting.network.NetworkRegistry#-[*:*]", "isInstanceOf";
+
+    // org.jboss.remoting.security.CustomSSLServerSocketFactory // necessary ??
+    permission javax.management.MBeanPermission "org.jboss.remoting.security.CustomSSLServerSocketFactory#*[*:*]", "invoke";
+    
+    // org.jboss.remoting.security.ServerSocketFactoryWrapper
+    permission javax.management.MBeanPermission "*#createServerSocket[*:*]", "invoke";
+    
+    // org.jboss.remoting.transport.Connector // isInstanceOf ??
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]", "registerMBean, unregisterMBean";
+//    permission javax.management.MBeanPermission "org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]", "unregisterMBean, registerMBean, queryMBeans, isInstanceOf";
+   
+    // org.jboss.remoting.transport.servlet.web.ServerInvokerServlet
+    permission javax.management.MBeanServerPermission "findMBeanServer";
+   
+    // org.jboss.remoting.transporter.InternalTransporterServices
+    permission javax.management.MBeanPermission "org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]", "registerMBean";
+    
+    // org.jboss.remoting.transporter.TransporterClient and org.jboss.remoting.transporter.Transporter.Server
+    permission javax.management.MBeanServerPermission "createMBeanServer";
+   
+//    permission javax.management.MBeanPermission "*#-[*:*]", "isInstanceOf, registerMBean";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Can't create sockets without it
+
+    permission java.net.SocketPermission "*:*", "accept,connect,listen,resolve";
+    
+    
+/////////////////////////////////////////////////////////////////////////////////////////////
+// System properties accessed by Remoting
+
+    permission java.util.PropertyPermission "SERIALIZATION", "read";
+    permission java.util.PropertyPermission "file.separator", "read";
+    permission java.util.PropertyPermission "http.basic.password", "read";
+    permission java.util.PropertyPermission "http.basic.username", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.keyStore", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.keyStorePassword", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.keyStoreType", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.trustStore", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.trustStorePassword", "read";
+    permission java.util.PropertyPermission "javax.net.ssl.trustStoreType", "read";
+    permission java.util.PropertyPermission "jboss.bind.address", "read";
+    permission java.util.PropertyPermission "jboss.identity", "read, write";
+    permission java.util.PropertyPermission "jboss.identity.dir", "read";
+    permission java.util.PropertyPermission "jboss.identity.domain", "read";
+    permission java.util.PropertyPermission "jboss.remoting.compression.debug", "read";   
+    permission java.util.PropertyPermission "jboss.remoting.compression.min", "read";   
+    permission java.util.PropertyPermission "jboss.remoting.domain", "write";
+    permission java.util.PropertyPermission "jboss.remoting.instanceid", "write";
+    permission java.util.PropertyPermission "jboss.remoting.jmxid", "write";
+    permission java.util.PropertyPermission "jboss.remoting.pre_2_0_compatible", "read";
+    permission java.util.PropertyPermission "jboss.remoting.version", "read, write";
+    permission java.util.PropertyPermission "jboss.server.data.dir", "read";
+    permission java.util.PropertyPermission "legacyParsing", "read";
+    permission java.util.PropertyPermission "org.apache.tomcat.util.*", "read";
+    permission java.util.PropertyPermission "org.jboss.remoting.defaultSocketFactory", "read";
+    permission java.util.PropertyPermission "org.jboss.security.ignoreHttpsHost" , "read";
+    permission java.util.PropertyPermission "remoting.bind_by_host", "read";
+    permission java.util.PropertyPermission "remoting.stream.host", "read";   
+    permission java.util.PropertyPermission "remoting.stream.port", "read"; 
+    permission java.util.PropertyPermission "remoting.stream.transport", "read";   
+    permission java.util.PropertyPermission "tomcat.util.buf.StringCache.*", "read";
+    
+    
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Tomcat native - TODO - this should be in a privileged block in jbossnative
+
+//    permission java.lang.RuntimePermission "loadLibrary.tcnative-1";
+//    permission java.lang.RuntimePermission "loadLibrary.libtcnative-1";
+//    permission java.util.PropertyPermission "java.library.path", "read";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// TODO - JBoss Serialization SHOULD be doing these operations in a privileged block - JBSER-105
+
+    permission java.lang.RuntimePermission "accessDeclaredMembers";
+    permission java.lang.RuntimePermission "accessClassInPackage.*";
+    permission java.lang.RuntimePermission "reflectionFactoryAccess";
+    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+    permission java.io.SerializablePermission "enableSubclassImplementation";
+
+    // org.jboss.remoting.serialization.impl.java.MarshalledValueOutputStream
+    permission java.io.SerializablePermission "enableSubstitution"; // <- this one is a "maybe" :-)
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// TODO - We should use a version of JBoss logging + log4j that does this stuff in privileged blocks
+
+      permission java.io.FilePermission "${build.home}/src/etc/log4j.properties", "read";
+      permission java.io.FilePermission "${build.home}/src/etc/log4j.xml", "read";
+      permission java.io.FilePermission "${build.home}/lib/apache-log4j/lib/log4j.jar", "read";
+      permission java.io.FilePermission "${build.home}/output/classes/-", "read";
+      permission java.lang.RuntimePermission "accessClassInPackage.*";
+      permission java.util.PropertyPermission "org.jboss.logging.Logger.pluginClass", "read";
+      permission java.util.PropertyPermission "log4j.defaultInitOverride", "read";
+      permission java.util.PropertyPermission "elementAttributeLimit", "read";
+      permission java.util.PropertyPermission "maxOccurLimit", "read";
+      permission java.util.PropertyPermission "entityExpansionLimit", "read";
+      permission java.util.PropertyPermission "javax.xml.parsers.DocumentBuilderFactory", "read";
+      permission java.util.PropertyPermission "log4j.ignoreTCL", "read";
+      permission java.util.PropertyPermission "log4j.configuratorClass", "read";
+      permission java.util.PropertyPermission "log4j.configDebug", "read";
+      permission java.util.PropertyPermission "log4j.debug", "read";
+      permission java.util.PropertyPermission "log4j.configuration", "read";
+      permission java.util.PropertyPermission "org.apache.commons.logging.LogFactory", "read";
+      permission java.util.PropertyPermission "org.apache.commons.logging.Log", "read";
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//****           Permissions for third party libraries          ****
+//******************************************************************
+//****************************************************************** 
+grant codeBase "file:${build.home}/lib/-"
+{
+    permission java.security.AllPermission;
+};
+
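Review bot: `permission java.lang.RuntimePermission "accessClassInPackage.*";` is granted three times in the first grant block (the transport section, the JBoss Serialization section and the logging section), and the wildcard opens every restricted package to code under `output/classes/-`. Together with `createClassLoader` and `ReflectPermission "suppressAccessChecks"` in the same block, this combination is usually regarded as enough to step outside the sandbox, so the header's statement that these are the permissions "necessary to run" Remoting deserves a caveat comment. I would keep a single entry and narrow it to the packages actually needed, for example `permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect";` and the matching `accessClassInPackage.sun.misc` entry, as in the commented-out lines of remoting.security.policy.tests, if those turn out to be sufficient. Separately, `FilePermission "./data"` and `FilePermission "."` name only the directory itself, so access to files inside them may need `"./data/-"` and `"./jboss.identity"`; this is worth confirming against CallbackStore and Identity.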

Added: remoting2/branches/2.x/src/etc/remoting.security.policy.tests
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.tests	                        (rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.tests	2008-04-04 22:47:48 UTC (rev 3901)
@@ -0,0 +1,98 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//****   Permissions needed by Remoting to run the test suite   ****
+//******************************************************************
+//******************************************************************     
+grant codeBase "file:${build.home}/output/classes/-"
+{
+    // Permission to read the test keystore
+    permission java.io.FilePermission "${build.home}/output/tests/classes/-", "read";
+    
+    // org.jboss.test.remoting.detection.metadata.MetadataTestCase
+    permission javax.management.MBeanPermission "org.jboss.test.remoting.detection.metadata.MetadataTestCase$TestNetworkRegistry#-[remoting:type=NetworkRegistry]", "isInstanceOf";
+
+    // org.jboss.ant.taskdefs.XMLJUnitMultipleResultFormatter calls
+    // org.jboss.remoting.util.SystemUtility
+    permission java.util.PropertyPermission "jboss-junit-configuration", "read";
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//***************************************************
+//****     Permissions used by the test suite    ****
+//***************************************************
+//***************************************************
+grant codeBase "file:${build.home}/output/tests/classes/-"
+{
+    permission java.io.FilePermission "${build.home}/output/tests/classes/org/jboss/test/remoting/classloader/race/test.jar", "read";
+
+    // Used by the descendents of org.jboss.test.remoting.shutdown.ShutdownTestParent.
+    permission java.io.FilePermission "<<ALL FILES>>", "execute";
+    
+    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+
+    permission java.lang.RuntimePermission "enableContextClassLoaderOverride";
+    permission java.lang.RuntimePermission "createClassLoader";
+    permission java.lang.RuntimePermission "getClassLoader";
+    permission java.lang.RuntimePermission "setContextClassLoader";
+        
+    permission javax.management.MBeanTrustPermission "register";
+
+    permission javax.management.MBeanServerPermission "createMBeanServer, findMBeanServer";
+//    permission javax.management.MBeanServerPermission "*";
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]", "unregisterMBean, registerMBean, queryMBeans, isInstanceOf";
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]", "registerMBean, unregisterMBean, queryMBeans, isInstanceOf";
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.Connector#-[test:type=connector]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.test.remoting.detection.metadata.MetadataTestCase$TestNetworkRegistry#-[remoting:type=NetworkRegistry]", "registerMBean, unregisterMBean, queryMBeans, isInstanceOf, addNotificationListener";
+    permission javax.management.MBeanPermission "org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]", "registerMBean, unregisterMBean, queryMBeans, isInstanceOf, addNotificationListener";
+    permission javax.management.MBeanPermission "org.jboss.remoting.detection.multicast.MulticastDetector#-[remoting:*]", "registerMBean, unregisterMBean, queryMBeans, isInstanceOf";
+    permission javax.management.MBeanPermission "org.jboss.remoting.security.SSLServerSocketFactoryService#-[jboss:type=serversocketfactory]", "registerMBean, queryMBeans, isInstanceOf";
+    permission javax.management.MBeanPermission "org.jboss.test.remoting.transport.config.FactoryConfigTestCaseParent$SelfIdentifyingServerSocketFactory#-[jboss:type=serversocketfactory]", "registerMBean, queryMBeans, isInstanceOf";
+    permission javax.management.MBeanPermission "org.jboss.remoting.security.SSLServerSocketFactoryService#-[jboss:type=serversocketfactory2]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.remoting.security.SSLServerSocketFactoryService#createServerSocket[jboss:*]", "invoke";
+    permission javax.management.MBeanPermission "org.jboss.test.remoting.transport.rmi.ssl.config.FactoryConfigTestCase$SerializableServerSocketFactory#-[jboss:type=serversocketfactory]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.test.remoting.transport.rmi.ssl.config.FactoryConfigTestCase$SerializableServerSocketFactory#-[jboss:type=serversocketfactory2]", "registerMBean";
+    permission javax.management.MBeanPermission "org.jboss.remoting.transport.socket.SocketServerInvoker#Configuration[jboss.remoting:service=invoker,*]", "getAttribute";
+    
+    // This is technically the JNP server, but it seems intentional - note that this might mask other problems though
+    permission java.net.SocketPermission "*:*", "accept, connect, resolve";
+
+    // TODO - this stuff ought to be in privileged blocks within the Ant JUnit task
+    permission java.util.PropertyPermission "*", "read, write"; // ugh
+
+    // TODO - JBoss Serialization SHOULD be doing these operations in a privileged block - JBSER-105
+//    permission java.lang.RuntimePermission "accessDeclaredMembers";
+//    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+//    permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect";
+//    permission java.lang.RuntimePermission "reflectionFactoryAccess";
+//    permission java.io.SerializablePermission "enableSubclassImplementation";
+//    permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+//    permission java.io.SerializablePermission "enableSubstitution"; // <- this one is a "maybe" :-)
+    
+    permission java.util.PropertyPermission "loader.path", "read";
+
+    // TESTING ONLY - Use with the LoggingSecurityManager to locate needed permissions for the above block
+//    permission java.security.AllPermission;
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//****           Permissions for third party libraries          ****
+//******************************************************************
+//****************************************************************** 
+grant codeBase "file:${build.home}/lib/-"
+{
+    permission java.security.AllPermission;
+};
+
+grant codeBase "file:${ant.library.dir}/-" {
+    permission java.security.AllPermission;
+};
+
+//grant codeBase "file:${build.home}/src/etc/-" {
+//    permission java.security.AllPermission;
+//};
\ No newline at end of file
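Review bot: In the `output/tests/classes/-` grant, `permission java.util.PropertyPermission "*", "read, write";` lets test code overwrite any system property, including the `javax.net.ssl.*` store settings that the core policy only lets Remoting read. It also makes the later `PropertyPermission "loader.path", "read"` entry redundant. If the Ant JUnit task only needs to read properties (not visible here), `permission java.util.PropertyPermission "*", "read";` plus explicit write entries for the properties the tests set would make a passing run say more about the policy. The same reasoning applies to `FilePermission "<<ALL FILES>>", "execute"`: if the ShutdownTestParent descendants only launch a child JVM, `permission java.io.FilePermission "${java.home}/bin/-", "execute";` would likely be enough.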

Added: remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal	                        (rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal	2008-04-04 22:47:48 UTC (rev 3901)
@@ -0,0 +1,25 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//****          Minimal set of permissions for tests            ****
+//******************************************************************
+//****************************************************************** 
+
+grant codeBase "file:${ant.library.dir}/-"
+{
+    permission java.security.AllPermission;
+};
+
+grant codeBase "file:${build.home}/output/classes/-"
+{
+    // org.jboss.ant.taskdefs.XMLJUnitMultipleResultFormatter calls
+    // org.jboss.remoting.util.SystemUtility
+    permission java.util.PropertyPermission "jboss-junit-configuration", "read";
+};
+
+grant codeBase "file:${build.home}/output/tests/classes/-"
+{
+    // org.jboss.test.remoting.transport.InvokerTestDriver
+    permission java.util.PropertyPermission "remoting.metadata", "read";
+    permission java.util.PropertyPermission "jvm.mx", "read";
+};
\ No newline at end of file
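Review bot: The header says only "Minimal set of permissions for tests" and does not state which other policy this file is meant to be loaded with. On its own it gives code under `output/classes/-` a single property read and has no grant for `${build.home}/lib/-`, which the other two files give `AllPermission`, so it presumably depends on remoting.security.policy.core. A short header comment such as `// Use together with remoting.security.policy.core; adds only what the test harness needs on top of it.` would make that explicit, once the intended combination is confirmed. The `AllPermission` grant for `${ant.library.dir}/-` also deserves a one-line comment saying it exists for the Ant/JUnit runner and is not part of what Remoting itself requires.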



