[
https://jira.jboss.org/jira/browse/JBNAME-8?page=com.atlassian.jira.plugi...
]
Scott M Stark resolved JBNAME-8.
--------------------------------
Resolution: Done
The following permissions have been added:
NamingContext.getHANamingServerForPartition/getHANamingServerForPartition/removeHANamingServerForPartition:
private static RuntimePermission GET_HA_NAMING_SERVER = new
RuntimePermission("org.jboss.naming.NamingContext.getHANamingServerForPartition");
private static RuntimePermission SET_HA_NAMING_SERVER = new
RuntimePermission("org.jboss.naming.NamingContext.setHANamingServerForPartition");
NamingContext.getLocal/setLocal
private static RuntimePermission GET_LOCAL_SERVER = new
RuntimePermission("org.jboss.naming.NamingContext.getLocal");
private static RuntimePermission SET_LOCAL_SERVER = new
RuntimePermission("org.jboss.naming.NamingContext.setLocal");
The NamingServer has a new JndiPermission(String path, String actions) permission that is
adopted from the java.io.FilePermission. It uses only the unix '/' path separator,
and has the following actions:
bind - Context.bind permission
rebind - Context.rebind permission
unbind - Context.unbind permission.
lookup - Context.lookup permission.
list - Context.list permission.
listBindings - Context.listBindings permission.
createSubcontext - Context.createSubcontext permission
* - alias for all of the above actions
It also has a special path name <<ALL BINDINGS>> that matches any jndi path,
similar to the FilePermission <<ALL FILES>> path.
Security Permissions for JNDI sensitive operations
--------------------------------------------------
Key: JBNAME-8
URL:
https://jira.jboss.org/jira/browse/JBNAME-8
Project: JBoss Naming
Issue Type: Task
Components: jnpserver
Affects Versions: 5.0.0.CR2
Reporter: Anil Saldhana
Assignee: Scott M Stark
Fix For: 5.0.0.CR3
ctx.rebind is the most critical.
Please add perms to all JNDI ops.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira