[jboss-jira] [JBoss JIRA] Resolved: (JBNAME-8) Security Permissions for JNDI sensitive operations

[ https://jira.jboss.org/jira/browse/JBNAME-8?page=com.atlassian.jira.plugi... ] Scott M Stark resolved JBNAME-8. -------------------------------- Resolution: Done The following permissions have been added: NamingContext.getHANamingServerForPartition/getHANamingServerForPartition/removeHANamingServerForPartition: private static RuntimePermission GET_HA_NAMING_SERVER = new RuntimePermission("org.jboss.naming.NamingContext.getHANamingServerForPartition"); private static RuntimePermission SET_HA_NAMING_SERVER = new RuntimePermission("org.jboss.naming.NamingContext.setHANamingServerForPartition"); NamingContext.getLocal/setLocal private static RuntimePermission GET_LOCAL_SERVER = new RuntimePermission("org.jboss.naming.NamingContext.getLocal"); private static RuntimePermission SET_LOCAL_SERVER = new RuntimePermission("org.jboss.naming.NamingContext.setLocal"); The NamingServer has a new JndiPermission(String path, String actions) permission that is adopted from the java.io.FilePermission. It uses only the unix '/' path separator, and has the following actions: bind - Context.bind permission rebind - Context.rebind permission unbind - Context.unbind permission. lookup - Context.lookup permission. list - Context.list permission. listBindings - Context.listBindings permission. createSubcontext - Context.createSubcontext permission * - alias for all of the above actions It also has a special path name <<ALL BINDINGS>> that matches any jndi path, similar to the FilePermission <<ALL FILES>> path. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira