Author: ron.sigal(a)jboss.com
Date: 2008-04-04 18:47:48 -0400 (Fri, 04 Apr 2008)
New Revision: 3901
Added:
remoting2/branches/2.x/src/etc/remoting.security.policy.core
remoting2/branches/2.x/src/etc/remoting.security.policy.tests
remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal
Log:
JBREM-934: Moved test.policy to src/etc and split it into remoting.security.policy.core,
remoting.security.policy.tests, and remoting.security.policy.tests.minimal.
Added: remoting2/branches/2.x/src/etc/remoting.security.policy.core
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.core
(rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.core 2008-04-04 22:47:48 UTC
(rev 3901)
@@ -0,0 +1,232 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//***************************************************
+//****
+//**** Permissions to run Remoting. This file is a sample security policy file
+//**** with the permissions necessary to run the code in the org.jboss.remoting.*
+//**** packages. All security sensitive calls in Remoting are wrapped in a
+//**** java.security.AccessController.doPrivileged() call, so that Remoting classes
+//**** can function in the context of a java.lang.SecurityManager, given the
permissions
+//**** listed below, even if the calling code runs without these restrictions.
+//****
+//**** There are two ways in which it may be necessary or desirable to modify the
+//**** the permissions listed below.
+//****
+//**** 1. It may be necessary to change the java.io.FilePermission permissions,
according
+//**** to the configuration of certain files. See the "File permissions"
section below.
+//****
+//**** 2. Some permission may be eliminated, according to which Remoting facilities are
used.
+//****
+//**** Other than changes made according to item 1, it should not be necessary to
grant
+//**** any additional permissions.
+//****
+//***************************************************
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+
+
+grant codeBase "file:${build.home}/output/classes/-"
+{
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// File permissions
+
+// permission java.io.FilePermission "${build.home}", "read";
+// permission java.io.FilePermission "${build.home}/jboss.identity",
"read";
+// permission java.io.FilePermission "${build.home}", "read";
+// permission java.io.FilePermission "-", "read";
+
+ // Used by org.jboss.remotinng.callback.CallbackStore.
+ // This permission might need to be changed, depending on where the CallbackStore
+ // is configured to exist, according to system property
"jboss.server.data.dir".
+ // The default location is <current directory>/data.
+ permission java.io.FilePermission "./data", "read, write,
delete";
+
+ // Permission for org.jboss.remoting.ident.Identity to create and read
"jboss.identity" file.
+ // This permission might need to be changed, depending on the directory in which the
+ // "jboss.identity" file is configured to exist. That directory is
configed according to
+ //
+ // 1. the "ServerDataDir" attribute of the
"jboss.system:type=ServerConfig" MBean, if that MBean exists, or
+ // 2. the "jboss.identity.dir" system property, if that property exists,
or
+ // 3. the current directory.
+ permission java.io.FilePermission ".", "read, write";
+// permission java.io.FilePermission "-", "read, write";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Used by remote class loading system
+
+ permission java.lang.RuntimePermission "createClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Used by:
+// org.jboss.remoting.security.SSLSOcketBuilder
+// org.jboss.remoting.transport.coyote.CoyoteInvoker
+// org.jboss.remoting.transport.http.HTTPClientInvoker
+// org.jboss.remoting.transport.servlet.web.ServerInvokerServlet
+// org.jboss.remoting.transporter.TransporterHandler
+// org.jboss.remoting.InvokerRegistry
+
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// MBean permissions
+
+ permission javax.management.MBeanTrustPermission "register";
+
+ // org.jboss.remoting.callback.ServerInvokerCallbackHandler ?? getClassLoader
+ permission javax.management.MBeanPermission "*#SSLSocketBuilder[*:*]",
"getAttribute";
+// permission
javax.management.MBeanPermission"org.jboss.remoting.security.SSLServerSocketFactoryServiceMBean#-[*:*]",
"getClassLoaderFor, isInstanceOf";
+// permission javax.management.MBeanPermission
"org.jboss.remoting.security.SSLServerSocketFactoryService#-[*:*]",
"getClassLoaderFor";
+ permission javax.management.MBeanPermission "*#-[*:*]",
"isInstanceOf";
+
+ // org.jboss.remoting.detection.AbstractDetector // necessary for proxy ?
+ permission javax.management.MBeanPermission
"*#addServer[remoting:type=NetworkRegistry]", "invoke";
+ permission javax.management.MBeanPermission
"*#updateServer[remoting:type=NetworkRegistry]", "invoke";
+ permission javax.management.MBeanPermission
"*#removeServer[remoting:type=NetworkRegistry]", "invoke";
+ permission javax.management.MBeanPermission "*#Servers[*:*]",
"getAttribute"; // needed
+
+
+ // org.jboss.remoting.detection.util.DetectorUtil
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.detection.*#-[remoting:type=Detector,*]",
"registerMBean";
+// permission javax.management.MBeanPermission
"org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]",
"registerMBean, queryMBeans, isInstanceOf";
+
+
+ // org.jboss.remoting.ident.Identity
+// permission javax.management.MBeanPermission
"javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]",
"isInstanceOf";
+ permission javax.management.MBeanPermission
"javax.management.MBeanServerDelegate#MBeanServerId[JMImplementation:type=MBeanServerDelegate]",
"getAttribute";
+ permission javax.management.MBeanPermission
"-#ServerDataDir[jboss.system:type=ServerConfig]", "getAttribute";
+// permission javax.management.MBeanPermission
"javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]",
"queryMBeans, isInstanceOf";
+
+ // org.jboss.remoting.network.NetworkRegistryFinder
+ permission javax.management.MBeanPermission "*#-[*:*]",
"queryMBeans";
+
+ // org.jboss.remoting.network.NetworkRegistryQuery // need getClassloaderFor ??
+ permission javax.management.MBeanPermission
"org.jboss.remoting.network.NetworkRegistry#-[*:*]", "isInstanceOf";
+
+ // org.jboss.remoting.security.CustomSSLServerSocketFactory // necessary ??
+ permission javax.management.MBeanPermission
"org.jboss.remoting.security.CustomSSLServerSocketFactory#*[*:*]",
"invoke";
+
+ // org.jboss.remoting.security.ServerSocketFactoryWrapper
+ permission javax.management.MBeanPermission "*#createServerSocket[*:*]",
"invoke";
+
+ // org.jboss.remoting.transport.Connector // isInstanceOf ??
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]",
"registerMBean, unregisterMBean";
+// permission javax.management.MBeanPermission
"org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]",
"unregisterMBean, registerMBean, queryMBeans, isInstanceOf";
+
+ // org.jboss.remoting.transport.servlet.web.ServerInvokerServlet
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+
+ // org.jboss.remoting.transporter.InternalTransporterServices
+ permission javax.management.MBeanPermission
"org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]",
"registerMBean";
+
+ // org.jboss.remoting.transporter.TransporterClient and
org.jboss.remoting.transporter.Transporter.Server
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+
+// permission javax.management.MBeanPermission "*#-[*:*]",
"isInstanceOf, registerMBean";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Can't create sockets without it
+
+ permission java.net.SocketPermission "*:*",
"accept,connect,listen,resolve";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// System properties accessed by Remoting
+
+ permission java.util.PropertyPermission "SERIALIZATION", "read";
+ permission java.util.PropertyPermission "file.separator",
"read";
+ permission java.util.PropertyPermission "http.basic.password",
"read";
+ permission java.util.PropertyPermission "http.basic.username",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.keyStore",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.keyStorePassword",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.keyStoreType",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.trustStore",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.trustStorePassword",
"read";
+ permission java.util.PropertyPermission "javax.net.ssl.trustStoreType",
"read";
+ permission java.util.PropertyPermission "jboss.bind.address",
"read";
+ permission java.util.PropertyPermission "jboss.identity", "read,
write";
+ permission java.util.PropertyPermission "jboss.identity.dir",
"read";
+ permission java.util.PropertyPermission "jboss.identity.domain",
"read";
+ permission java.util.PropertyPermission "jboss.remoting.compression.debug",
"read";
+ permission java.util.PropertyPermission "jboss.remoting.compression.min",
"read";
+ permission java.util.PropertyPermission "jboss.remoting.domain",
"write";
+ permission java.util.PropertyPermission "jboss.remoting.instanceid",
"write";
+ permission java.util.PropertyPermission "jboss.remoting.jmxid",
"write";
+ permission java.util.PropertyPermission
"jboss.remoting.pre_2_0_compatible", "read";
+ permission java.util.PropertyPermission "jboss.remoting.version",
"read, write";
+ permission java.util.PropertyPermission "jboss.server.data.dir",
"read";
+ permission java.util.PropertyPermission "legacyParsing", "read";
+ permission java.util.PropertyPermission "org.apache.tomcat.util.*",
"read";
+ permission java.util.PropertyPermission
"org.jboss.remoting.defaultSocketFactory", "read";
+ permission java.util.PropertyPermission
"org.jboss.security.ignoreHttpsHost" , "read";
+ permission java.util.PropertyPermission "remoting.bind_by_host",
"read";
+ permission java.util.PropertyPermission "remoting.stream.host",
"read";
+ permission java.util.PropertyPermission "remoting.stream.port",
"read";
+ permission java.util.PropertyPermission "remoting.stream.transport",
"read";
+ permission java.util.PropertyPermission "tomcat.util.buf.StringCache.*",
"read";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// Tomcat native - TODO - this should be in a privileged block in jbossnative
+
+// permission java.lang.RuntimePermission "loadLibrary.tcnative-1";
+// permission java.lang.RuntimePermission "loadLibrary.libtcnative-1";
+// permission java.util.PropertyPermission "java.library.path",
"read";
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// TODO - JBoss Serialization SHOULD be doing these operations in a privileged block -
JBSER-105
+
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.lang.RuntimePermission "reflectionFactoryAccess";
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission java.io.SerializablePermission "enableSubclassImplementation";
+
+ // org.jboss.remoting.serialization.impl.java.MarshalledValueOutputStream
+ permission java.io.SerializablePermission "enableSubstitution"; // <-
this one is a "maybe" :-)
+
+
+/////////////////////////////////////////////////////////////////////////////////////////////
+// TODO - We should use a version of JBoss logging + log4j that does this stuff in
privileged blocks
+
+ permission java.io.FilePermission
"${build.home}/src/etc/log4j.properties", "read";
+ permission java.io.FilePermission "${build.home}/src/etc/log4j.xml",
"read";
+ permission java.io.FilePermission
"${build.home}/lib/apache-log4j/lib/log4j.jar", "read";
+ permission java.io.FilePermission "${build.home}/output/classes/-",
"read";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.util.PropertyPermission
"org.jboss.logging.Logger.pluginClass", "read";
+ permission java.util.PropertyPermission "log4j.defaultInitOverride",
"read";
+ permission java.util.PropertyPermission "elementAttributeLimit",
"read";
+ permission java.util.PropertyPermission "maxOccurLimit",
"read";
+ permission java.util.PropertyPermission "entityExpansionLimit",
"read";
+ permission java.util.PropertyPermission
"javax.xml.parsers.DocumentBuilderFactory", "read";
+ permission java.util.PropertyPermission "log4j.ignoreTCL",
"read";
+ permission java.util.PropertyPermission "log4j.configuratorClass",
"read";
+ permission java.util.PropertyPermission "log4j.configDebug",
"read";
+ permission java.util.PropertyPermission "log4j.debug", "read";
+ permission java.util.PropertyPermission "log4j.configuration",
"read";
+ permission java.util.PropertyPermission
"org.apache.commons.logging.LogFactory", "read";
+ permission java.util.PropertyPermission "org.apache.commons.logging.Log",
"read";
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//**** Permissions for third party libraries ****
+//******************************************************************
+//******************************************************************
+grant codeBase "file:${build.home}/lib/-"
+{
+ permission java.security.AllPermission;
+};
+
Added: remoting2/branches/2.x/src/etc/remoting.security.policy.tests
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.tests
(rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.tests 2008-04-04 22:47:48 UTC
(rev 3901)
@@ -0,0 +1,98 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//**** Permissions needed by Remoting to run the test suite ****
+//******************************************************************
+//******************************************************************
+grant codeBase "file:${build.home}/output/classes/-"
+{
+ // Permission to read the test keystore
+ permission java.io.FilePermission "${build.home}/output/tests/classes/-",
"read";
+
+ // org.jboss.test.remoting.detection.metadata.MetadataTestCase
+ permission javax.management.MBeanPermission
"org.jboss.test.remoting.detection.metadata.MetadataTestCase$TestNetworkRegistry#-[remoting:type=NetworkRegistry]",
"isInstanceOf";
+
+ // org.jboss.ant.taskdefs.XMLJUnitMultipleResultFormatter calls
+ // org.jboss.remoting.util.SystemUtility
+ permission java.util.PropertyPermission "jboss-junit-configuration",
"read";
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//***************************************************
+//**** Permissions used by the test suite ****
+//***************************************************
+//***************************************************
+grant codeBase "file:${build.home}/output/tests/classes/-"
+{
+ permission java.io.FilePermission
"${build.home}/output/tests/classes/org/jboss/test/remoting/classloader/race/test.jar",
"read";
+
+ // Used by the descendents of org.jboss.test.remoting.shutdown.ShutdownTestParent.
+ permission java.io.FilePermission "<<ALL FILES>>",
"execute";
+
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+
+ permission java.lang.RuntimePermission "enableContextClassLoaderOverride";
+ permission java.lang.RuntimePermission "createClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+
+ permission javax.management.MBeanTrustPermission "register";
+
+ permission javax.management.MBeanServerPermission "createMBeanServer,
findMBeanServer";
+// permission javax.management.MBeanServerPermission "*";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.*#-[jboss.remoting:service=invoker,*]",
"unregisterMBean, registerMBean, queryMBeans, isInstanceOf";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.Connector#-[jboss.remoting:type=Connector,*]",
"registerMBean, unregisterMBean, queryMBeans, isInstanceOf";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.Connector#-[test:type=connector]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.test.remoting.detection.metadata.MetadataTestCase$TestNetworkRegistry#-[remoting:type=NetworkRegistry]",
"registerMBean, unregisterMBean, queryMBeans, isInstanceOf,
addNotificationListener";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.network.NetworkRegistry#-[remoting:type=NetworkRegistry]",
"registerMBean, unregisterMBean, queryMBeans, isInstanceOf,
addNotificationListener";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.detection.multicast.MulticastDetector#-[remoting:*]",
"registerMBean, unregisterMBean, queryMBeans, isInstanceOf";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.security.SSLServerSocketFactoryService#-[jboss:type=serversocketfactory]",
"registerMBean, queryMBeans, isInstanceOf";
+ permission javax.management.MBeanPermission
"org.jboss.test.remoting.transport.config.FactoryConfigTestCaseParent$SelfIdentifyingServerSocketFactory#-[jboss:type=serversocketfactory]",
"registerMBean, queryMBeans, isInstanceOf";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.security.SSLServerSocketFactoryService#-[jboss:type=serversocketfactory2]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.security.SSLServerSocketFactoryService#createServerSocket[jboss:*]",
"invoke";
+ permission javax.management.MBeanPermission
"org.jboss.test.remoting.transport.rmi.ssl.config.FactoryConfigTestCase$SerializableServerSocketFactory#-[jboss:type=serversocketfactory]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.test.remoting.transport.rmi.ssl.config.FactoryConfigTestCase$SerializableServerSocketFactory#-[jboss:type=serversocketfactory2]",
"registerMBean";
+ permission javax.management.MBeanPermission
"org.jboss.remoting.transport.socket.SocketServerInvoker#Configuration[jboss.remoting:service=invoker,*]",
"getAttribute";
+
+ // This is technically the JNP server, but it seems intentional - note that this
might mask other problems though
+ permission java.net.SocketPermission "*:*", "accept, connect,
resolve";
+
+ // TODO - this stuff ought to be in privileged blocks within the Ant JUnit task
+ permission java.util.PropertyPermission "*", "read, write"; //
ugh
+
+ // TODO - JBoss Serialization SHOULD be doing these operations in a privileged block
- JBSER-105
+// permission java.lang.RuntimePermission "accessDeclaredMembers";
+// permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+// permission java.lang.RuntimePermission
"accessClassInPackage.sun.reflect";
+// permission java.lang.RuntimePermission "reflectionFactoryAccess";
+// permission java.io.SerializablePermission
"enableSubclassImplementation";
+// permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+// permission java.io.SerializablePermission "enableSubstitution"; // <-
this one is a "maybe" :-)
+
+ permission java.util.PropertyPermission "loader.path", "read";
+
+ // TESTING ONLY - Use with the LoggingSecurityManager to locate needed permissions
for the above block
+// permission java.security.AllPermission;
+};
+
+
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//**** Permissions for third party libraries ****
+//******************************************************************
+//******************************************************************
+grant codeBase "file:${build.home}/lib/-"
+{
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${ant.library.dir}/-" {
+ permission java.security.AllPermission;
+};
+
+//grant codeBase "file:${build.home}/src/etc/-" {
+// permission java.security.AllPermission;
+//};
\ No newline at end of file
Added: remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal
===================================================================
--- remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal
(rev 0)
+++ remoting2/branches/2.x/src/etc/remoting.security.policy.tests.minimal 2008-04-04
22:47:48 UTC (rev 3901)
@@ -0,0 +1,25 @@
+//****************************************************************************************************************************************************************
+//****************************************************************************************************************************************************************
+//******************************************************************
+//**** Minimal set of permissions for tests ****
+//******************************************************************
+//******************************************************************
+
+grant codeBase "file:${ant.library.dir}/-"
+{
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${build.home}/output/classes/-"
+{
+ // org.jboss.ant.taskdefs.XMLJUnitMultipleResultFormatter calls
+ // org.jboss.remoting.util.SystemUtility
+ permission java.util.PropertyPermission "jboss-junit-configuration",
"read";
+};
+
+grant codeBase "file:${build.home}/output/tests/classes/-"
+{
+ // org.jboss.test.remoting.transport.InvokerTestDriver
+ permission java.util.PropertyPermission "remoting.metadata",
"read";
+ permission java.util.PropertyPermission "jvm.mx", "read";
+};
\ No newline at end of file