[jboss-cvs] JBossAS SVN: r81264 - trunk/testsuite/src/resources/securitymgr.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 18 18:39:09 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-18 18:39:09 -0500 (Tue, 18 Nov 2008)
New Revision: 81264
Modified:
trunk/testsuite/src/resources/securitymgr/server.policy
Log:
JBAS-4154: further refine policy
Modified: trunk/testsuite/src/resources/securitymgr/server.policy
===================================================================
--- trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-18 23:38:04 UTC (rev 81263)
+++ trunk/testsuite/src/resources/securitymgr/server.policy 2008-11-18 23:39:09 UTC (rev 81264)
@@ -155,6 +155,8 @@
permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","list,lookup";
permission org.jboss.naming.JndiPermission "env","list";
permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "getProtectionDomain";
};
grant codeBase "vfszip:${jboss.test.deploy.dir}/-" {
@@ -163,13 +165,46 @@
//This block needs to go when https://jira.jboss.org/jira/browse/JBMESSAGING-1446 is handled
grant codeBase "vfszip:${jboss.test.deploy.dir}/cts.jar" {
- permission java.lang.RuntimePermission "getClassLoader,setContextClassLoader";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
};
+
+grant codeBase "vfszip:${jboss.test.deploy.dir}/class-loading.war/WEB-INF/classes/" {
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+};
+
+
+//JBCOMMON-75
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-audit.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-cmrstress.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-cmrtransaction.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-commerce.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-perf.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-relationship.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "vfszip:${jboss.test.deploy.dir}/cmp2-simple.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
-// accessDeclaredPackages has been added temporarily - EJBTHREE-1587
+//****************************************************************
+// Default block of permissions
// Minimal permissions are allowed to everyone else
+//****************************************************************
grant {
permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "read";
permission java.io.FilePermission "${jboss.home.dir}/server/lib/quartz.jar/org/quartz/quartz.properties", "read";
@@ -179,7 +214,6 @@
permission java.lang.RuntimePermission "queuePrintJob";
permission java.net.SocketPermission "*", "connect";
permission java.security.SecurityPermission "getPolicy";
- permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo";
More information about the jboss-cvs-commits
mailing list